mindre egenkapital

Magazine
Go Back   Computer Juice > Computer Software > Virus, spionprogrammer og sikkerhet
Reload this Page

Iexplore.exe virus igjen!

Registrer Site Spy Member List Donate Søke Dagens innlegg Marker forumene som lest Forum Rules

Register


 Default 

Iexplore.exe virus igjen!




Reply
Side 1 av 2 1 2
 
Thread Tools
  #1  
Old 10 oktober 2008, 19:08
New Member Group
  
Default Iexplore.exe virus igjen!

Hei Jeg tror jeg har også iexplore viruset og har prøvd mange forskjellige programmer til å bli kvitt det, men ingenting fungerer! Jeg har sett at nettstedet ditt er å hjelpe mange ppl så kanskje jeg også? Her er min kapre denne loggen:


Logfile of Trend Micro HijackThis v2.0.2
Scan lagret 1:01:32 PM, on 11/10/2008
Plattform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Kjører prosesser:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe
C: \ WINDOWS \ Explorer.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ WINDOWS \ system32 \ acs.exe
C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ Programfiler \ Bonjour \ mDNSResponder.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ SYSTEM \ hpsysdrv.exe
C: \ Programfiler \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe
C: \ WINDOWS \ ALCXMNTR.EXE
C: \ Programfiler \ TP-LINK \ TWCU \ TWCU.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Programfiler \ iTunes \ iTunesHelper.exe
C: \ Programfiler \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ Programfiler \ Zone Labs \ ZoneAlarm \ zlclient.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programfiler \ Nikon \ PictureProject \ NkbMonitor.exe
C: \ Programfiler \ Internet Explorer \ IEXPLORE.EXE
C: \ Programfiler \ iPod \ bin \ iPodService.exe
C: \ Programfiler \ Internet Explorer \ iexplore.exe
C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ Windows Live \ WLLoginProxy.exe
C: \ Programfiler \ Internet Explorer \ IEXPLORE.EXE
C: \ WINDOWS \ system32 \ taskmgr.exe
C: \ Programfiler \ Trend Micro \ HijackThis \ HijackThis.exe
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.limewire.com/inclient/?st...ows + XP & osv = 5.1
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = *. local
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programfiler \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Programfiler \ AVG \ AVG8 \ avgssie.dll (fil mangler)
O2 - BHO: Malicious Scripts Scanner - (55EA1964-F5E4-4D6A-B9B2-125B37655FCB) - C: \ Documents and Settings \ All Users \ Application Data \ Prevx \ pxbho.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programfiler \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ Programfiler \ Google \ googletoolbar1.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - (F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Programfiler \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ Programfiler \ Google \ googletoolbar1.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Programfiler \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / Skjem bort / RemAdvDef / Migration32
O4 - HKLM \ .. \ Run: [MSPY2002] C: \ WINDOWS \ system32 \ IME \ PINTLGNT \ ImScInst.exe / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ WINDOWS \ SYSTEM \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [ATIPTA] C: \ Programfiler \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM \ .. \ Run: [TWCU] "C: \ Programfiler \ TP-LINK \ TWCU \ TWCU.exe"-nogui
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [EPSON Stylus CX3700 Series] C: \ WINDOWS \ system32 \ Spool \ drivers \ W32X86 \ 3 \ E_FATIA CP.EXE / F "C: \ Windows \ Temp \ E_SC4.tmp" / EF "HKLM"
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Programfiler \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ WINDOWS \ system32 \ NeroCheck.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Programfiler \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / STARTUP
O4 - HKLM \ .. \ Run: [Flagg eier Live Grim] C: \ Documents and Settings \ All Users \ Application Data \ Software regelen flagg eier \ First obj.exe
O4 - HKLM \ .. \ Run: [PrevxOne] "C: \ Programfiler \ Prevx2 \ PXConsole.exe"
O4 - HKLM \ .. \ Run: [ZoneAlarm Client] "C: \ Programfiler \ Zone Labs \ ZoneAlarm \ zlclient.exe"
O4 - HKCU \ .. \ Run: [MODE REAL] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 \ ATOM DASH.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [AVG7_Run] C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [AVG7_Run] C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [AVG7_Run] C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programfiler \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C: \ Programfiler \ Nikon \ PictureProject \ NkbMonitor.exe
O8 - Extra sammenheng menyelement: & Clean spor - C: \ Program Files \ DAP \ Privacy Package \ dapcleanerie.htm
O8 - Extra sammenheng menyelement: & Download med & DAP - C: \ Program Files \ DAP \ dapextie.htm
O8 - Extra sammenheng menyelement: & Google Search - res: / / C: \ Programfiler \ Google \ GoogleToolbar1.dll/cmsearch.html
O8 - Extra sammenheng menyelement: Bakoverkoblinger - res: / / C: \ Programfiler \ Google \ GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra sammenheng menyelement: Hurtigbufret side - res: / / C: \ Programfiler \ Google \ GoogleToolbar1.dll/cmcache.html
O8 - Extra sammenheng menyelement: Download & alle med DAP - C: \ Program Files \ DAP \ dapextie2.htm
O8 - Extra sammenheng menyelement: E & ksporter til Microsoft Excel - res: / / c: \ progra ~ 1 \ micros ~ 3 \ Office12 \ EXCEL.EXE/3000
O8 - Extra sammenheng menyelement: Lignende sider - res: / / C: \ Programfiler \ Google \ GoogleToolbar1.dll/cmsimilar.html
O8 - Extra sammenheng menyelement: Oversett til engelsk - res: / / C: \ Programfiler \ Google \ GoogleToolbar1.dll/cmtrans.html
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra "Verktøy" MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra knappen: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ progra ~ 1 \ micros ~ 3 \ Office12 \ REFIEBAR.DLL
O9 - Extra knappen: (no name) - (B205A35E-1FC4-4CE3-818B-899DBBB3388C) - C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ Encarta Search Bar \ ENCSBAR.DLL
O9 - Extra knappen: Connection Help - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HELPCTR \ leverandører \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm
O9 - Extra "Verktøy" MENUITEM: Connection Help - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HELPCTR \ leverandører \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = USA \ IEButton \ support.htm
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra "Verktøy" MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra knappen: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O9 - Extra "Verktøy" MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
O16 - DPF: (96EEC7FF-106A-47F3-90D6-B4BB754AA40E) (Poli Betal Online) -- https: / / autxn.paywithpoli.com / ewcust...iPayOnline.cab
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C: \ WINDOWS \ system32 \ acs.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ATI Hurtigtast Poller - ATI Technologies Inc. - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Grisoft, sro - C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Grisoft, sro - C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C: \ Programfiler \ Bonjour \ mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Programfiler \ Fellesfiler \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Programfiler \ iPod \ bin \ iPodService.exe
O23 - Service: PREVXAgent - Prevx - C: \ Programfiler \ Prevx2 \ PXAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe
--
End of file - 10831 bytes
  #2  
Old 10 oktober 2008, 23:12
Moderator Group
  
Default Iexplore.exe virus igjen!

Laste ned Løp S & D by Eric_71 og lagre den på skrivebordet.
Løp S & D vil bare kjøre på Windows XP og Windows Vista

Deaktivere din antivirus og antimalware programmer slik at de ikke forstyrrer driften av Løp S & D.
Å se hvordan du deaktiverer sikkerhetsprogrammer besøke denne opplæringen:
Slik midlertidig deaktivert Anti-virus, brannmur og anti-malware-programmer
  • Dobbeltklikk Løp S & D.exe
  • Velg språk ved å skrive av den tilsvarende bokstav, og trykk Enter
  • Klikk OK på informative vindu
  • Type 1Å velge Alternativ 1 (Søk) og trykk Enter
  • Vente til slutten av skanningen
  • En rapport vil bli generert, legge til innholdet i den i neste svaret.
En kopi av rapporten finner du på denne adressen:% systemdrive% \ lopR.txt i de fleste tilfeller C: \lopR.txt
__________________
  #3  
Old 11 oktober 2008, 00:15
New Member Group
  
Default Iexplore.exe virus igjen!

Her er resultatene fra løp S & D søk:



-------------------- \ \ Løp S & D 4.2.4-5 XP / Vista
Microsoft Windows XP Home Edition (v5.1.2600) Service Pack 3
X86-basert PC (Uniprocessor Gratis: AMD Sempron (tm) Processor 3200 +)
BIOS: Phoenix - Award BIOS v6.00PG
Bruker: Compaq_Owner (Administrator)
Boot: Normal oppstart
Antivirus: AVG 7.5.524 7.5.524 (ikke aktivert)
Brannmur: ZoneAlarm Firewall 7.0.483.000 (ikke aktivert)
C: \ (lokal disk) - NTFS - Totalt: 68 Go Free: 10 Go
D: \ (lokal disk) - FAT32 - Totalt: 5 Go Free: 1 Go
E: \ (CD eller DVD)
F: \ (CD eller DVD)
G: \ (USB)
H: \ (USB)
I: \ (USB)
J: \ (USB)
"C: \ Løp SD" (Maj: 02-10-2008 | 23:42)
Alternativ: [1] (lør 11/10/2008 | 18:11)

-------------------- \ \ Listing mapper i PROGRAMMER ~ 1
[11/10/2008 | 04:05] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Adobe
[03/10/2007 | 01:28] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Apple
[12/09/2005 | 09:27] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Apple Computer
[28/08/2007 | 04:28] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Autodesk
[03/09/2008 | 10:46] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Avg7
[10/06/2008 | 12:37] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Avg8
[02/07/2006 | 01:52] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> DVD Shrink
[15/07/2006 | 12:35] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> EnterNHelp
[27/03/2007 | 10:25] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Google
[18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Grisoft
[23/10/2007 | 12:15] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Installasjoner
[12/09/2005 | 09:21] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> InstallShield
[11/10/2008 | 12:29] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> MailFrontier
[18/08/2008 | 04:05] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Microsoft
[10/09/2008 | 07:07] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Microsoft Help
[10/09/2007 | 04:25] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Nero
[11/10/2008 | 03:51] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> NOS
[21/05/2008 | 12:55] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> PC Drivers Headquarters
[12/09/2005 | 09:27] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> QuickTime
[24/11/2007 | 02:56] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Real
[12/09/2005 | 09:04] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> SBSI
[02.02.2008 | 05:17] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Seagate
[09/10/2008 | 11:53] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Software regelen flagg eier
[01/11/2006 | 01:13] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Sophos
[14/09/2008 | 02:08] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Spybot - Search & Destroy
[19/05/2008 | 07:41] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Symantec
[11/10/2008 | 06:00] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> TEMP
[15/02/2006 | 01:11] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> UDL
[15/07/2006 | 12:35] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Ultima_T15
[08/04/2006 | 02:27] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Windows Genuine Advantage
[22/06/2008 | 11:01] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ <DIR> WLInstaller
[17.03.2008 | 09:32] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Adobe
[11/10/2008 | 03:55] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> AdobeUM
[13/09/2007 | 05:26] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Ahead
[13/06/2008 | 07:29] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Apple Computer
[02/10/2007 | 12:55] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> ArcSoft
[18/06/2006 | 11:34] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Atari
[21/05/2007 | 07:47] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Autodesk
[11/10/2008 | 11:11] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> AVG7
[19/05/2008 | 02:40] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> AVGTOOLBAR
[08/10/2008 | 01:29] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> BitTorrent
[21/05/2007 | 12:09] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Command & Conquer 3 Tiberium Wars
[01/09/2006 | 08:52] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Datalayer
[28/05/2007 | 02:25] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> dvdcss
[13/08/2007 | 03:00] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> EPSON
[03/05/2007 | 02:12] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Google
[07/09/2006 | 02:08] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Hjelp
[26/06/2008 | 12:16] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> HPQ
[16/12/2004 | 04:22] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Identities
[19/02/2006 | 05:44] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> InterVideo
[23/04/2008 | 11:49] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> iWin
[03/05/2008 | 03:20] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Joost
[28/01/2006 | 03:15] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Leadertech
[13/09/2008 | 08:45] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> LimeWire
[14/02/2006 | 05:22] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Macromedia
[24/11/2007 | 03:04] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Media Player Classic
[19/05/2008 | 06:44] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Microsoft
[09/04/2008 | 06:13] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Mozilla
[15/07/2006 | 12:31] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Nikon
[01/09/2006 | 08:52] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Nokia
[01/09/2006 | 08:54] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Nokia Multimedia Player
[01/09/2006 | 08:41] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> PC Suite
[19/05/2008 | 07:32] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Real
[12/09/2005 | 09:30] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> SampleView
[21/05/2007 | 12:07] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> SecuROM
[09/10/2008 | 11:54] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> såpe ligger kjærlighet
[28/01/2006 | 03:16] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Sonic
[23/04/2008 | 11:45] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> SpinTop
[14/09/2008 | 06:04] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> SPORE
[15/04/2008 | 05:04] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Spybot - Search & Destroy
[14/02/2006 | 05:49] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> søndag
[12/09/2005 | 09:41] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Symantec
[16/04/2008 | 06:42] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> U3
[26/05/2008 | 11:14] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> uTorrent
[27/05/2006 | 09:46] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> VLC
[20/05/2008 | 10:26] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ <DIR> WinBatch
[12/09/2005 | 09:27] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Apple Computer
[16/12/2004 | 04:22] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Identities
[12/09/2005 | 09:51] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Microsoft
[12/09/2005 | 09:21] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Real
[12/09/2005 | 09:30] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ PROGRAMMER ~ 1 \ <DIR> SampleView
[12/09/2005 | 09:41] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Symantec
[18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ LOCALS ~ 1 \ PROGRAMMER ~ 1 \ <DIR> AVG7
[18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ LOCALS ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Microsoft
[18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ NETWOR ~ 1 \ PROGRAMMER ~ 1 \ <DIR> Microsoft

-------------------- \ \ Planlagte oppgaver som ligger i C: \ WINDOWS \ Tasks
[11/10/2008 06:00 PM] [- ah -----] C: \ WINDOWS \ oppgaver \ A396018B9185B27B.job
[11/10/2008 06:11 PM] [- en ------] C: \ WINDOWS \ oppgaver \ Symantec NetDetect.job
[11/10/2008 05:00 PM] [- en ------] C: \ WINDOWS \ oppgaver \ RegCure Program Check.job
[28/08/2008 04:00 AM] [- en ------] C: \ WINDOWS \ oppgaver \ RegCure.job
[11/10/2008 04:07 PM] [- ah -----] C: \ WINDOWS \ oppgaver \ SA.DAT
[05/08/2004 05:00 AM] [-rah -----] C: \ WINDOWS \ oppgaver \ Desktop.ini
(A396018B9185B27B.job) = (c: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ soapli ~ 1 \ Axisgreatex tra.exe)
-------------------- \ \ Listing mapper i C: \ Program Files
[27/07/2008 | 05:02] C: \ Programfiler \ <DIR> Activision
[11/10/2008 | 04:05] C: \ Programfiler \ <DIR> Adobe
[15/06/2008 | 12:20] C: \ Programfiler \ <DIR> Ahead
[20/05/2007 | 11:20] C: \ Programfiler \ <DIR> Alcohol Soft
[03/06/2008 | 09:01] C: \ Programfiler \ <DIR> Apple Software Update
[15/07/2006 | 12:27] C: \ Programfiler \ <DIR> ArcSoft
[12/09/2005 | 09:13] C: \ Programfiler \ <DIR> ATI Technologies
[21/05/2007 | 07:36] C: \ Programfiler \ <DIR> Autodesk
[27/05/2008 | 04:42] C: \ Programfiler \ <DIR> AVG
[20/06/2008 | 04:54] C: \ Programfiler \ <DIR> BitTorrent
[11/10/2008 | 04:05] C: \ Programfiler \ <DIR> Common Files
[24/11/2004 | 01:06] C: \ Programfiler \ <DIR> ComPlus Applications
[21/05/2008 | 12:51] C: \ Programfiler \ <DIR> DAP
[08/11/2006 | 02:07] C: \ Programfiler \ <DIR> DivX
[30/09/2008 | 09:12] C: \ Programfiler \ <DIR> DominateGame
[21/05/2007 | 10:35] C: \ Programfiler \ <DIR> Drug Lord 2
[18/08/2008 | 03:56] C: \ Programfiler \ <DIR> D-Tools
[08/11/2006 | 12:56] C: \ Programfiler \ <DIR> DVD Shrink
[19/05/2008 | 07:12] C: \ Programfiler \ <DIR> Easy Internet signup
[14/09/2008 | 06:02] C: \ Programfiler \ <DIR> Electronic Arts
[15/02/2006 | 01:11] C: \ Programfiler \ <DIR> Epson
[26/05/2008 | 11:15] C: \ Programfiler \ <DIR> eToro
[30/09/2008 | 09:12] C: \ Programfiler \ <DIR> EV Nova
[13/11/2006 | 09:39] C: \ Programfiler \ <DIR> FLVPlayer
[26/06/2008 | 12:13] C: \ Programfiler \ <DIR> GameSpy Arcade
[12/09/2005 | 09:37] C: \ Programfiler \ <DIR> Google
[27/11/2006 | 10:19] C: \ Programfiler \ <DIR> Graph
[08/11/2007 | 06:44] C: \ Programfiler \ <DIR> Griffin Technology
[18/08/2008 | 07:44] C: \ Programfiler \ <DIR> Grisoft
[27/03/2006 | 09:17] C: \ Programfiler \ <DIR> GustoSoft
[29/09/2008 | 04:41] C: \ Programfiler \ <DIR> HP
[05/12/2007 | 01:09] C: \ Programfiler \ <DIR> Infogrames Interaktiv
[14/09/2008 | 06:03] C: \ Programfiler \ <DIR> InstallShield Installasjonsinformasjon
[17/08/2008 | 09:45] C: \ Programfiler \ <DIR> Internet Explorer
[12/09/2005 | 09:23] C: \ Programfiler \ <DIR> InterVideo
[03/06/2008 | 09:04] C: \ Programfiler \ <DIR> iPod
[14/02/2006 | 05:20] C: \ Programfiler \ <DIR> iPrimus
[03/06/2008 | 09:05] C: \ Programfiler \ <DIR> iTunes
[30/09/2008 | 08:51] C: \ Programfiler \ <DIR> Java
[14/09/2008 | 05:43] C: \ Programfiler \ <DIR> John Deere American Farmer Deluxe
[09/04/2008 | 06:13] C: \ Programfiler \ <DIR> Joost
[24/11/2007 | 02:56] C: \ Programfiler \ <DIR> K-Lite Codec Pack
[20/03/2008 | 05:13] C: \ Programfiler \ <DIR> LimeWire
[31/08/2008 | 05:28] C: \ Programfiler \ <DIR> Maxis
[18/08/2008 | 02:14] C: \ Programfiler \ <DIR> Messenger
[15/05/2007 | 11:48] C: \ Programfiler \ <DIR> Microsoft CAPICOM 2.1.0.2
[12/09/2005 | 09:19] C: \ Programfiler \ <DIR> Microsoft Encarta
[16/12/2004 | 04:23] C: \ Programfiler \ <DIR> Microsoft FrontPage
[26/06/2008 | 12:17] C: \ Programfiler \ <DIR> Microsoft Games
[12/09/2005 | 09:25] C: \ Programfiler \ <DIR> Microsoft Money 2005
[29/06/2008 | 10:10] C: \ Programfiler \ <DIR> Microsoft Office
[15/02/2006 | 12:29] C: \ Programfiler \ <DIR> Microsoft Visual Studio
[03/06/2008 | 03:51] C: \ Programfiler \ <DIR> Microsoft Works
[14/02/2008 | 10:22] C: \ Programfiler \ <DIR> Microsoft.NET
[14/03/2008 | 09:22] C: \ Programfiler \ <DIR> MindArk
[18/08/2008 | 02:11] C: \ Programfiler \ <DIR> Movie Maker
[11/10/2008 | 11:09] C: \ Programfiler \ <DIR> Mozilla Firefox
[16/12/2004 | 04:23] C: \ Programfiler \ <DIR> MSN
[16/12/2004 | 04:23] C: \ Programfiler \ <DIR> MSN Gaming Zone
[18/10/2006 | 01:19] C: \ Programfiler \ <DIR> MSXML 4.0
[02.02.2008 | 05:16] C: \ Programfiler \ <DIR> MSXML 6.0
[10/09/2007 | 04:25] C: \ Programfiler \ <DIR> Nero
[18/08/2008 | 02:10] C: \ Programfiler \ <DIR> NetMeeting
[15/07/2006 | 12:30] C: \ Programfiler \ <DIR> Nikon
[11/10/2008 | 03:51] C: \ Programfiler \ <DIR> NOS
[15/02/2006 | 12:42] C: \ Programfiler \ <DIR> OfficeUpdate11
[14/09/2008 | 02:59] C: \ Programfiler \ <DIR> Online Services
[18/08/2008 | 02:10] C: \ Programfiler \ <DIR> Outlook Express
[26/06/2007 | 09:29] C: \ Programfiler \ <DIR> PartyGaming
[12/09/2005 | 09:34] C: \ Programfiler \ <DIR> PC-Doctor for DOS
[17/06/2007 | 08:43] C: \ Programfiler \ <DIR> PokerRoom.com
[31/05/2007 | 01:55] C: \ Programfiler \ <DIR> PokerStars
[03/06/2008 | 09:04] C: \ Programfiler \ <DIR> QuickTime
[21/04/2008 | 08:30] C: \ Programfiler \ <DIR> RegCure
[02.02.2008 | 05:17] C: \ Programfiler \ <DIR> Seagate
[23/04/2008 | 01:20] C: \ Programfiler \ <DIR> Sean O'Connor's Windows Games
[24/07/2008 | 06:08] C: \ Programfiler \ <DIR> Sega
[18/08/2008 | 03:56] C: \ Programfiler \ <DIR> Sierra Entertainment
[08.02.2007 | 11:24] C: \ Programfiler \ <DIR> SLD Codec Pack
[09/10/2008 | 11:53] C: \ Programfiler \ <DIR> såpe ligger kjærlighet
[14/03/2008 | 06:16] C: \ Programfiler \ <DIR> Sophos
[15/04/2008 | 09:22] C: \ Programfiler \ <DIR> Spybot - Search & Destroy
[24/11/2007 | 02:59] C: \ Programfiler \ <DIR> StrongDC + +
[19/05/2008 | 07:41] C: \ Programfiler \ <DIR> Symantec
[13/09/2008 | 10:03] C: \ Programfiler \ <DIR> TeaTimer (Spybot - Search & Destroy)
[14/02/2006 | 05:39] C: \ Programfiler \ <DIR> Telstra
[19/06/2007 | 09:45] C: \ Programfiler \ <DIR> TexasCalculatem
[30/05/2008 | 01:43] C: \ Programfiler \ <DIR> Theorica DivX ;-) Codecs
[29/02/2008 | 06:25] C: \ Programfiler \ <DIR> TP-LINK
[11/10/2008 | 12:33] C: \ Programfiler \ <DIR> Trend Micro
[03/04/2008 | 12:17] C: \ Programfiler \ <DIR> Trymedia
[24/11/2004 | 01:07] C: \ Programfiler \ <DIR> Uninstall Information
[27/05/2006 | 08:19] C: \ Programfiler \ <DIR> Videolan
[10/09/2008 | 01:44] C: \ Programfiler \ <DIR> VUGames
[11/10/2008 | 05:57] C: \ Programfiler \ <DIR> Warcraft III
[05/06/2008 | 01:07] C: \ Programfiler \ <DIR> Weatherzone Tracker
[13/09/2006 | 12:25] C: \ Programfiler \ <DIR> WinAVI VideoConverter
[14/03/2008 | 06:35] C: \ Programfiler \ <DIR> Windows Live
[10.10.2007 | 11:18] C: \ Programfiler \ <DIR> Windows Media Connect 2
[25/08/2008 | 06:37] C: \ Programfiler \ <DIR> Windows Media Player
[14/09/2008 | 02:59] C: \ Programfiler \ <DIR> Windows NT
[03/10/2007 | 03:00] C: \ Programfiler \ <DIR> Windows XP Fun Pack
[24/11/2004 | 01:07] C: \ Programfiler \ <DIR> WindowsUpdate
[14/09/2008 | 05:41] C: \ Programfiler \ <DIR> WinRAR
[16/12/2004 | 04:24] C: \ Programfiler \ <DIR> xerox
[11/10/2008 | 12:29] C: \ Programfiler \ <DIR> Zone Labs
[11/10/2008 | 12:31] C: \ Programfiler \ <DIR> ZoneAlarmSB
-------------------- \ \ Listing mapper i C: \ Program Files \ Common Files
[11/10/2008 | 04:05] C: \ Programfiler \ Fellesfiler \ <DIR> Adobe
[11/10/2008 | 04:05] C: \ Programfiler \ Fellesfiler \ <DIR> Adobe AIR
[10/09/2007 | 04:28] C: \ Programfiler \ Fellesfiler \ <DIR> Ahead
[03/10/2007 | 01:28] C: \ Programfiler \ Fellesfiler \ <DIR> Apple
[28/08/2007 | 04:28] C: \ Programfiler \ Fellesfiler \ <DIR> Autodesk Shared
[03/06/2008 | 03:50] C: \ Programfiler \ Fellesfiler \ <DIR> DESIGNER
[12/09/2005 | 09:27] C: \ Programfiler \ Fellesfiler \ <DIR> InstallShield
[12/09/2005 | 09:06] C: \ Programfiler \ Fellesfiler \ <DIR> Java
[19/05/2008 | 07:25] C: \ Programfiler \ Fellesfiler \ <DIR> Microsoft Shared
[16/12/2004 | 04:23] C: \ Programfiler \ Fellesfiler \ <DIR> MSSoap
[15/07/2006 | 12:30] C: \ Programfiler \ Fellesfiler \ <DIR> muvee Technologies
[15/07/2006 | 12:31] C: \ Programfiler \ Fellesfiler \ <DIR> Nikon
[16/12/2004 | 04:23] C: \ Programfiler \ Fellesfiler \ <DIR> ODBC
[19/05/2008 | 07:32] C: \ Programfiler \ Fellesfiler \ <DIR> Real
[20/05/2008 | 11:24] C: \ Programfiler \ Fellesfiler \ <DIR> Services
[16/12/2004 | 04:23] C: \ Programfiler \ Fellesfiler \ <DIR> SpeechEngines
[19/05/2008 | 07:41] C: \ Programfiler \ Fellesfiler \ <DIR> Symantec Shared
[18/08/2008 | 02:10] C: \ Programfiler \ Fellesfiler \ <DIR> System
[11/03/2007 | 11:10] C: \ Programfiler \ Fellesfiler \ <DIR> Thraex Software
[14/03/2008 | 06:34] C: \ Programfiler \ Fellesfiler \ <DIR> WindowsLiveInstaller
-------------------- \ \ Prosess
(41 Processes)
IEXPLORE.EXE ~ [PID: 2612]
IEXPLORE.EXE ~ [PID: 2640]
iexplore.exe ~ [PID: 3160]
IEXPLORE.EXE ~ [PID: 2940]
-------------------- \ \ Søker med S_Lop
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ LOCALS ~ 1 \ Temp \ bis9A.exe
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 \ ATOM DASH.exe
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 \ Axis stor extra.exe
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 \ ilouimpk.ex e
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 \ jvuyskje.ex e
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 \ lfbsabiw.ex e

-------------------- \ \ Søker etter Løp Files - Mapper
C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ Software regelen flagg eier
C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ Software regelen flagg eier \ First obj.exe
C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ PROGRAMMER ~ 1 \ Software regelen flagg eier \ Skip proc.exe
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ soapli ~ 1
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ soapli ~ 1 \ ATOM DASH.exe
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ soapli ~ 1 \ Axis stor extra.exe
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ soapli ~ 1 \ ilouimpk.ex e
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ soapli ~ 1 \ jvuyskje.ex e
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ soapli ~ 1 \ lfbsabiw.ex e
C: \ Programfiler \ soapli ~ 1
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ LOCALS ~ 1 \ Temp \ TorrentSpeeder. zip
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Cookies \ compaq_owner @ adultfri endfinder [1]. Txt
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Cookies \ compaq_owner @ advertis ing [2]. Txt
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Cookies \ compaq_owner @ Ero-reklame [1]. Txt
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Cookies \ compaq_owner@adopt.eu roclick [2]. Txt
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Cookies \ compaq_owner @ partypok er [1]. Txt
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Cookies \ compaq_owner @ 888 [2]. Txt
C: \ WINDOWS \ Tasks \ A396018B9185B27B.job

-------------------- \ \ Søker i registeret
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Uninstall \ Hold wma ref]
"DisplayName" = "Cid Hjelp"
"UninstallString" = "C: \ \ DOCUME ~ 1 \ \ Compaq ~ 1 \ \ PROGRAMMER ~ 1 \ \ SOAPLI ~ 1 \ \ ATOM DASH.exe-uninstall"
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"MODUS REAL" = "C: \ \ DOCUME ~ 1 \ \ Compaq ~ 1 \ \ PROGRAMMER ~ 1 \ \ SOAPLI ~ 1 \ \ ATOM DASH.exe"
"MODUS REAL" = "C: \ \ DOCUME ~ 1 \ \ Compaq ~ 1 \ \ PROGRAMMER ~ 1 \ \ SOAPLI ~ 1 \ \ ATOM DASH.exe"
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"Flagg eier Live Grim" = "C: \ \ Documents and Settings \ \ All Users \ \ Application Data \ \ Software regelen flagg eier \ \ First obj.exe"
-------------------- \ \ Checking Hosts-filen
Vertsfilen CLEAN

-------------------- \ \ Søking etter skjulte filer med CatchMe

CatchMe 0.3.1353 W2K/XP/Vista - rootkit / skjulemodus malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-11 18:12:47
Windows 5.1.2600 Service Pack 3 NTFS
skanning skjulte prosesser ...
skanning skjulte filer ...
skanning er fullført
skjulte prosesser: 0
skjulte filer: 0

-------------------- \ \ Søker etter andre infeksjoner
-------------------- \ \ Sprekker & Keygens ..
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Lokale innstillinger \ Temp \ rar $ EX02.922 \ Crack
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Lokale innstillinger \ Temp \ rar $ EX02.922 \ Crack \ rld-spor.exe
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Lokale innstillinger \ Temp \ rar $ EX02.922 \ Crack \ SporeApp.exe
C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Recent \ Spore.GENERIC_KEYGEN-FFF.lnk

[F: 343] [D: 29] -> C: \ DOCUME ~ 1 \ Compaq ~ 1 \ LOCALS ~ 1 \ Temp
[F: 200] [D: 0] -> C: \ DOCUME ~ 1 \ Compaq ~ 1 \ Cookies
[F: 18285] [D: 24] -> C: \ DOCUME ~ 1 \ Compaq ~ 1 \ LOCALS ~ 1 \ TEMPOR ~ 1 \ Content.IE5
1 - "C: \ Løp SD \ LopR_1.txt" - lørdag 11/10/2008 | 18:07 - Alternativ: [1]
2 - "C: \ Løp SD \ LopR_2.txt" - lørdag 11/10/2008 | 18:14 - Alternativ: [1]
-------------------- \ \ Scan fullført 18:14:22
  #4  
Old 11 oktober 2008, 22:29
Moderator Group
  
Default Iexplore.exe virus igjen!

Last ned NoLop til skrivebordet ditt. NoLop.exe
  • Lukk programmer du har publisert siden en omstart er nødvendig
  • Dobbeltklikk NoLop.exe å kjøre den
  • Neste Klikk: Search and Destroy
    • Maskinen vil nå bli skannet på infiserte filer
  • Når skanningen er fullført, hvis smittet, blir du bedt om å starte på nytt
  • Klikk OK
  • Nå klikker: Reboot
  • En melding skal popup fra NoLop. Hvis ikke, dobbeltklikker du programmet på nytt og det vil finish.
  • Post innholdet i C: \ NoLop.log i neste svaret.
Merk: Hvis du mottar en feilmelding, "mscomctl.ocx eller en av avhengigheter er ikke korrekt registrert, kan du laste ned mscomctl.ocx til System32 deretter kjøre programmet.

Også kjøre en ny HijackThis skanner og post loggen.
__________________
  #5  
Old 11 oktober 2008, 22:46
New Member Group
  
Default Iexplore.exe virus igjen!

Ok her er loggene:

Nolop


NoLop! Logg av Skate_Punk_21

Fix kjører fra: C: \ Documents and Settings \ Compaq_Owner \ Desktop
[12/10/2008]
[4:33:52 PM]

--- Smitte Files Found/Removed---
C: \ WINDOWS \ oppgaver \ A396018B9185B27B.job

Begynnelsen fjerning ...
Start ...
Fjerne Løp's Leftover filer / mapper ...
Redigere registret ...
** Fix Complete! **

--- Listing AppData sub directories ---

C: \ Documents and Settings \ All Users \ Application Data \ Adobe
C: \ Documents and Settings \ All Users \ Application Data \ Apple
C: \ Documents and Settings \ All Users \ Application Data \ Apple Computer
C: \ Documents and Settings \ All Users \ Application Data \ Autodesk
C: \ Documents and Settings \ All Users \ Application Data \ Avg7
C: \ Documents and Settings \ All Users \ Application Data \ Avg8 - EMPTY Directory
C: \ Documents and Settings \ All Users \ Application Data \ Dvd Shrink
C: \ Documents and Settings \ All Users \ Application Data \ Enternhelp
C: \ Documents and Settings \ All Users \ Application Data \ Google
C: \ Documents and Settings \ All Users \ Application Data \ Grisoft
C: \ Documents and Settings \ All Users \ Application Data \ Installations
C: \ Documents and Settings \ All Users \ Application Data \ InstallShield
C: \ Documents and Settings \ All Users \ Application Data \ Mailfrontier - EMPTY Directory
C: \ Documents and Settings \ All Users \ Application Data \ Microsoft
C: \ Documents and Settings \ All Users \ Application Data \ Microsoft Help
C: \ Documents and Settings \ All Users \ Application Data \ Nero
C: \ Documents and Settings \ All Users \ Application Data \ Nos
C: \ Documents and Settings \ All Users \ Application Data \ Pc Drivers Headquarters
C: \ Documents and Settings \ All Users \ Application Data \ Quicktime
C: \ Documents and Settings \ All Users \ Application Data \ Real - EMPTY Directory
C: \ Documents and Settings \ All Users \ Application Data \ Sbsi
C: \ Documents and Settings \ All Users \ Application Data \ Seagate
C: \ Documents and Settings \ All Users \ Application Data \ Software Regel Flag eier
C: \ Documents and Settings \ All Users \ Application Data \ Sophos
C: \ Documents and Settings \ All Users \ Application Data \ Spybot - Search & Destroy
C: \ Documents and Settings \ All Users \ Application Data \ Symantec
C: \ Documents and Settings \ All Users \ Application Data \ Temp - EMPTY Directory
C: \ Documents and Settings \ All Users \ Application Data \ Udl
C: \ Documents and Settings \ All Users \ Application Data \ Ultima_t15
C: \ Documents and Settings \ All Users \ Application Data \ Windows Genuine Advantage
C: \ Documents and Settings \ All Users \ Application Data \ Wlinstaller
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Adobe
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Adobeum
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Ahead
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Apple Computer
C: \ Documents and Settings \ Compaq_owner \ Application Data \ ArcSoft
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Atari
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Autodesk
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Avg7
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Avgtoolbar
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Bittorrent
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Command & Conquer 3 Tiberium Wars
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Datalayer
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Dvdcss
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Epson
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Google
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Hjelp - EMPTY Directory
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Hpq
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Identities
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Intervideo
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Iwin
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Joost
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Leadertech
C: \ Documents and Settings \ Compaq_owner \ Application Data \ LimeWire
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Macromedia
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Media Player Classic
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Microsoft
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Mozilla
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Nikon
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Nokia
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Nokia Multimedia Player
C: \ Documents and Settings \ Compaq_owner \ Programdata \ PC Suite
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Real
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Sampleview - EMPTY Directory
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Securom
C: \ Documents and Settings \ Compaq_owner \ Application Data \ såpe Lies Love
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Sonic
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Spintop
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Spore
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Spybot - Search & Destroy
C: \ Documents and Settings \ Compaq_owner \ Application Data \ søndag
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Symantec - EMPTY Directory
C: \ Documents and Settings \ Compaq_owner \ Application Data \ U3
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Utorrent
C: \ Documents and Settings \ Compaq_owner \ Application Data \ VLC
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Winbatch
C: \ Documents and Settings \ Default User \ Application Data \ Apple Computer
C: \ Documents and Settings \ Default User \ Application Data \ Identities
C: \ Documents and Settings \ Default User \ Application Data \ Microsoft
C: \ Documents and Settings \ Default User \ Application Data \ Real
C: \ Documents and Settings \ Default User \ Application Data \ Sampleview - EMPTY Directory
C: \ Documents and Settings \ Default User \ Application Data \ Symantec - EMPTY Directory
C: \ Documents and Settings \ Localservice \ Application Data \ Avg7 - EMPTY Directory
C: \ Documents and Settings \ Localservice \ Application Data \ Microsoft
C: \ Documents and Settings \ NetworkService \ Application Data \ Microsoft


Hijackthis:


Logfile of Trend Micro HijackThis v2.0.2
Scan lagret 4:44:14 PM, on 12/10/2008
Plattform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Kjører prosesser:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ Explorer.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ WINDOWS \ system32 \ acs.exe
C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ WINDOWS \ SYSTEM \ hpsysdrv.exe
C: \ Programfiler \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe
C: \ WINDOWS \ ALCXMNTR.EXE
C: \ Programfiler \ TP-LINK \ TWCU \ TWCU.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Programfiler \ iTunes \ iTunesHelper.exe
C: \ Programfiler \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ Programfiler \ Adobe \ Reader 9.0 \ Reader \ Reader_sl.exe
C: \ Programfiler \ Internet Explorer \ IEXPLORE.EXE
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programfiler \ Internet Explorer \ IEXPLORE.EXE
C: \ Programfiler \ Nikon \ PictureProject \ NkbMonitor.exe
C: \ Programfiler \ iPod \ bin \ iPodService.exe
C: \ Programfiler \ Trend Micro \ HijackThis \ HijackThis.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page =
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.limewire.com/inclient/?st...ows + XP & osv = 5.1
O2 - BHO: AcroIEHelperStub - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - C: \ Programfiler \ Fellesfiler \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Programfiler \ AVG \ AVG8 \ avgssie.dll (fil mangler)
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programfiler \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ Programfiler \ Google \ googletoolbar1.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - (F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Programfiler \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ Programfiler \ Google \ googletoolbar1.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Programfiler \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / Skjem bort / RemAdvDef / Migration32
O4 - HKLM \ .. \ Run: [MSPY2002] C: \ WINDOWS \ system32 \ IME \ PINTLGNT \ ImScInst.exe / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ WINDOWS \ SYSTEM \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [ATIPTA] C: \ Programfiler \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM \ .. \ Run: [TWCU] "C: \ Programfiler \ TP-LINK \ TWCU \ TWCU.exe"-nogui
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [EPSON Stylus CX3700 Series] C: \ WINDOWS \ system32 \ Spool \ drivers \ W32X86 \ 3 \ E_FATIA CP.EXE / F "C: \ Windows \ Temp \ E_SC4.tmp" / EF "HKLM"
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Programfiler \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ WINDOWS \ system32 \ NeroCheck.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Programfiler \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / STARTUP
O4 - HKLM \ .. \ Run: [Flagg eier Live Grim] C: \ Documents and Settings \ All Users \ Application Data \ Software regelen flagg eier \ First obj.exe
O4 - HKLM \ .. \ Run: [ZoneAlarm Client] "C: \ Programfiler \ Zone Labs \ ZoneAlarm \ zlclient.exe"
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Programfiler \ Adobe \ Reader 9.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programfiler \ QuickTime \ qttask.exe"-atboottime
O4 - HKCU \ .. \ Run: [MODE REAL] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 \ ATOM DASH.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [updateMgr] "C: \ Programfiler \ Adobe \ Acrobat 7.0 \ Reader \ AdobeUpdateManager.exe" AcRdB7_1_0-reboot 1
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [AVG7_Run] C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [AVG7_Run] C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [AVG7_Run] C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'Default user')
O4 - Global Startup: NkbMonitor.exe.lnk = C: \ Programfiler \ Nikon \ PictureProject \ NkbMonitor.exe
O8 - Extra sammenheng menyelement: & Clean spor - C: \ Program Files \ DAP \ Privacy Package \ dapcleanerie.htm
O8 - Extra sammenheng menyelement: & Download med & DAP - C: \ Program Files \ DAP \ dapextie.htm
O8 - Extra sammenheng menyelement: & Google Search - res: / / C: \ Programfiler \ Google \ GoogleToolbar1.dll/cmsearch.html
O8 - Extra sammenheng menyelement: Bakoverkoblinger - res: / / C: \ Programfiler \ Google \ GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra sammenheng menyelement: Hurtigbufret side - res: / / C: \ Programfiler \ Google \ GoogleToolbar1.dll/cmcache.html
O8 - Extra sammenheng menyelement: Download & alle med DAP - C: \ Program Files \ DAP \ dapextie2.htm
O8 - Extra sammenheng menyelement: E & ksporter til Microsoft Excel - res: / / c: \ progra ~ 1 \ micros ~ 3 \ Office12 \ EXCEL.EXE/3000
O8 - Extra sammenheng menyelement: Lignende sider - res: / / C: \ Programfiler \ Google \ GoogleToolbar1.dll/cmsimilar.html
O8 - Extra sammenheng menyelement: Oversett til engelsk - res: / / C: \ Programfiler \ Google \ GoogleToolbar1.dll/cmtrans.html
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra "Verktøy" MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra knappen: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ progra ~ 1 \ micros ~ 3 \ Office12 \ REFIEBAR.DLL
O9 - Extra knappen: (no name) - (B205A35E-1FC4-4CE3-818B-899DBBB3388C) - C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ Encarta Search Bar \ ENCSBAR.DLL
O9 - Extra knappen: Connection Help - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HELPCTR \ leverandører \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm
O9 - Extra "Verktøy" MENUITEM: Connection Help - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HELPCTR \ leverandører \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = USA \ IEButton \ support.htm
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra "Verktøy" MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra knappen: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O9 - Extra "Verktøy" MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
O16 - DPF: (96EEC7FF-106A-47F3-90D6-B4BB754AA40E) (Poli Betal Online) -- https: / / autxn.paywithpoli.com / ewcust...iPayOnline.cab
O16 - DPF: (CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7) (get_atlcom klasse) -- http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C: \ WINDOWS \ system32 \ acs.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ATI Hurtigtast Poller - ATI Technologies Inc. - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Grisoft, sro - C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Grisoft, sro - C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: getPlus (R) Helper - NOS Microsystems Ltd - C: \ Program Files \ NOS \ bin \ getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Programfiler \ Fellesfiler \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Programfiler \ iPod \ bin \ iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe

--
End of file - 10505 bytes
  #6  
Old 11 oktober 2008, 22:53
Moderator Group
  
Default Iexplore.exe virus igjen!

Åpne HijackThis og velg Gjør et søk.

Sett et merke ved siden av følgende oppføringer: (hvis det)
  • O4 - HKLM \ .. \ Run: [AlcxMonitor] ALCXMNTR.EXE
  • O4 - HKLM \ .. \ Run: [Flagg eier Live Grim] C: \ Documents and Settings \ All Users \ Application Data \ Software regelen flagg eier \ First obj.exe
  • O4 - HKCU \ .. \ Run: [MODE REAL] C: \ DOCUME ~ 1 \ Compaq ~ 1 \ PROGRAMMER ~ 1 \ SOAPLI ~ 1 \ ATOM DASH.exe
Viktig: Lukk alle vinduer unntatt HijackThis og klikk Fix kontrolleres.

Avslutt HijackThis.

----------

Merk: nedenstående instruksjoner ble laget spesielt for denne brukeren. Hvis du ikke bruker, IKKE Følg disse skiltene fordi de kan ødelegge hjemkomsten til systemet

Gå til Start> Kjør og skriver Notepad.exe deretter OK

Kopier og lim inn nedenfor i Notepad og lagre som fixme.reg til ditt Desktop

Code:
REGEDIT4 [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Run] "AlcxMonitor" =- "Flagg eier Live Grim" =- [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ Run] "MODE REAL" =-
Finn fixme.reg på skrivebordet og dobbeltklikk på den. Svar Ja når du blir bedt om å fusjonere med Registry.

Kontroller at du fortelle meg hvis du mottar en suksess beskjed om å legge det over til registret. Hvis du ikke blir en suksess melding, det fungerte ikke.

Slett fixme.reg fra Desktop.

Start maskinen på nytt

----------

Laste ned CCleaner Slim og lagre det til skrivebordet ditt.
Når filen er lagret, gå til skrivebordet og dobbeltklikk på ccsetupxxx_slim.exe
Følg instruksjonene for å installere programmet.
Fullfør installasjonen deretter:
  • Dobbeltklikk CCleaner snarvei på skrivebordet for å starte programmet.
  • Klikk på Valg blokken til venstre, velg deretter Cookies.
    • Under Cookies til SlettMarkerer alle cookies du vil beholde permanent
    • Klikk høyrepilen > å flytte dem til Cookies til å vinduet.
  • Gå inn Valg > Avansert unsjekk Bare slette filer i Windows Temp mapper eldre enn 48 timer
  • Klikk Cleaner til venstre, deretter Kjør Cleaner til høyre for å kjøre programmet.
  • Viktig: Kontroller at ALL webleservinduer er lukket før du velger Kjør Cleaner
  • Forsiktig: Det anbefales ikke at du bruker "Register"-funksjonen med mindre du er veldig kjent med registret.
  • Avslutt CCleaner etter at det har fullført sin prosess.

----------

Laste ned Malwarebytes' Anti-Malware (MBAM)
  • Dobbeltklikk mbam-setup.exe og følger instruksjonene for å installere programmet.
  • Ved utgangen, må du passe på et merke plasseres ved siden av det følgende:
    • Oppdater Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Deretter klikker du Fullfør.
  • Hvis en oppdatering er funnet, vil laste ned og installere den nyeste versjonen.
  • Når programmet er lastet, velger du Utføre rask skanning, Og klikk Scan.
  • Når skanningen er fullført, klikker du OK, Deretter Vis resultater å vise resultater.
  • Pass på at alt er sjekket, og klikk Fjern valgte.
  • Når desinfeksjon er ferdig, en logg åpnes i Notepad, og du kan bli bedt om å starte. (Se Extra Note)
  • Loggen lagres automatisk ved MBAM og kan vises ved å klikke Logger kategorien i MBAM.
  • Kopier og lim inn hele rapporten i neste svaret.

Ekstra Merk: Hvis MBAM finner en fil som er vanskelig å fjerne, vil du bli presentert med 1 av 2 ledetekster, klikk OK for å enten og la MBAM fortsette med desinfeksjon prosessen, hvis du blir bedt om å starte datamaskinen på nytt, kan du gjøre det umiddelbart.
__________________
  #7  
Old 11 oktober 2008, 23:26
New Member Group
  
Default Iexplore.exe virus igjen!

Jeg fikk suksess melding fra fixme.reg fil og her er MBAM logg:


Malwarebytes' Anti-Malware 1.28
Database versjon: 1259
Windows 5.1.2600 Service Pack 3

12/10/2008 5:24:27 PM
mbam-log-2008-10-12 (17-24-27). txt

Scan type: Quick Scan
Objekter skannet: 45849
Tid brukt: 2 minutt (er), 43 sekund (er)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registernøkler Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(Ingen skadelige eks oppdaget)

Memory Modules Infected:
(Ingen skadelige eks oppdaget)

Registernøkler Infected:
(Ingen skadelige eks oppdaget)

Registry Values Infected:
(Ingen skadelige eks oppdaget)

Registry Data Items Infected:
(Ingen skadelige eks oppdaget)

Folders Infected:
(Ingen skadelige eks oppdaget)

Files Infected:
(Ingen skadelige eks oppdaget)
  #8  
Old 11 oktober 2008, 23:29
Moderator Group
  
Default Iexplore.exe virus igjen!

Hvordan er alt nå?
__________________
  #9  
Old 11 oktober 2008, 23:33
New Member Group
  
Default Iexplore.exe virus igjen!

Kjører raskere i Oppgavebehandling i prosesser iexplore.exe er fortsatt der og når jeg avslutter den det kommer tilbake. For ca 5 minutter den bruker nesten 99% CPU så etter en stund den synker ned til 0, men mem bruksstatistikk holder opp rundt 100.000 K.
  #10  
Old 12 oktober 2008, 11:41
Moderator Group
  
Default Iexplore.exe virus igjen!

Last ned ComboFix av ubåter fra én av de nedenfor koblinger. Pass på at toppen lagre det til Desktop.

Link # 1
Link # 2

** Merk: Det er viktig at det er lagret direkte til skrivebordet ditt

Lukk alle åpne weblesere. (Firefox, Internet Explorer, osv.) før du starter ComboFix.

Midlertidig deaktivere din antivirus, Og eventuelle antispyware sanntid beskyttelse før utføre en skanning. Klikk denne koblingen å se en liste over sikkerhetsprogrammer som skal være deaktivert og hvordan du deaktiverer dem.

Dobbeltklikk combofix.exe og følg instruksjonene.
Når du er ferdig ComboFix vil produsere en logg for deg.
Poste ComboFix logg og en ny HijackThis log i neste svaret.

Viktig: Ikke mouseclick ComboFix's vinduet mens den kjører. Det kan føre til stall.

Husk å aktivere din antivirus og antispyware beskyttelse når ComboFix er fullført.
__________________
Reply
Side 1 av 2 1 2

Register

Hugseliste

Lignende Tråder
Tråd Tråd startet Forum Svar Siste innlegg
Iexplore.exe virus? Vennligst hjelp! tharp68 Virus, spionprogrammer og sikkerhet 8 7 januar 2009 16:33
Mulig iexplore.exe viruset .... sipper Virus, spionprogrammer og sikkerhet 7 3 desember 2008 22:23
Re: iexplore.exe virus mpenney Virus, spionprogrammer og sikkerhet 6 3 nov 2008 14:11
Iexplore.exe viruset .... behage hjelpe! zm741 Virus, spionprogrammer og sikkerhet 29 24. sep 2008 21:57
Iexplore.exe virus kfarns00 Virus, spionprogrammer og sikkerhet 9 4 desember 2007 14:26
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Computer Juice.
Kontakt -- Personvern -- Sitemap -- Topp

Powered by vBulletin ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd SEO by vBSEO © 2009, gjennomgå webområdet, Inc.