[lolli_pop]

Jeg har en trojaner på min PC i System32 filer. Jeg har AVG men bare lurte på hvordan du blir kvitt den fra AVG som når jeg klikker slette, tror jeg det bare sletter fra hvelv til neste skanne når det er funnet igjen.

[thingie2]

Virker som at du trenger å gjøre mer enn bare å prøve å slette med AVG, prøv å ta en titt på denne tråden.

[lolli_pop]

Ok, takk. Jeg vil kjøre kapre Denne morgen:)

[evilfantasy]

Kjør alle de skanner og post loggene. HijackThis vanligvis ikke er nok.

[lolli_pop]

Jeg har kjørt SUPERAntiSpyware og fikk logg. Jeg kjørte AVG gang og det kom opp med seks steder som Trojan har infisert.

Dette er SUPERAntiSpyware logg:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/26/2008 at 08:30

Application Version: 4.21.1004

Core Rules Database Version: 3609
Trace Rules Database Version: 1595

Scan type: Complete Scan
Total Scan Time: 00:59:08

Minne eks skannet: 430
Minne trusler oppdages: 0
Registerelementene skannet: 4950
Registerverdi trusler oppdages: 0
Fil eks skannet: 73876
Fil trusler oppdages: 77

Trojan.Unknown Origin
C: \ WINDOWS \ mslagent \ 2_mslagent.dll
C: \ WINDOWS \ mslagent \ mslagent.exe
C: \ WINDOWS \ mslagent \ uninstall.exe
C: \ WINDOWS \ mslagent
C: \ WINDOWS \ system32 \ SMP \ msrc.exe
C: \ WINDOWS \ system32 \ SMP

Adware.INetDelivery
C: \ Programfiler \ inet Delivery \ inetdl.exe
C: \ Programfiler \ inet Delivery \ intdel.exe
C: \ Programfiler \ inet Delivery
C: \ Programfiler \ akl \ akl.dll
C: \ Programfiler \ akl \ akl.exe
C: \ Programfiler \ akl \ uninstall.exe
C: \ Programfiler \ akl \ unsetup.exe
C: \ Programfiler \ akl

Trojan.Fake-Drop/Gen
C: \ WINDOWS \ system32 \ VBSYS2.DLL
C: \ WINDOWS \ system32 \ AWTOOLB.DLL
C: \ WINDOWS \ system32 \ SYSREQ.EXE
C: \ WINDOWS \ system32 \ WINWGPX.EXE
C: \ WINDOWS \ system32 \ BDN.COM
C: \ WINDOWS \ system32 \ MSSECU.EXE
C: \ WINDOWS \ system32 \ VCATCHPI.DLL
C: \ WINDOWS \ system32 \ AKTTZN.EXE
C: \ WINDOWS \ system32 \ WINSYSTEM.EXE
C: \ WINDOWS \ system32 \ NEWSD32.EXE
C: \ WINDOWS \ system32 \ EMESX.DLL
C: \ WINDOWS \ system32 \ RUNDL1.EXE
C: \ WINDOWS \ system32 \ ANTICIPATOR.DLL
C: \ WINDOWS \ system32 \ THUN.DLL
C: \ WINDOWS \ system32 \ THUN32.DLL
C: \ WINDOWS \ system32 \ MSVCHOST.EXE
C: \ WINDOWS \ system32 \ REGC64.DLL
C: \ WINDOWS \ system32 \ REGM64.DLL
C: \ WINDOWS \ system32 \ SSVCHOST.COM
C: \ WINDOWS \ system32 \ SSVCHOST.EXE
C: \ WINDOWS \ system32 \ Temp # 01.EXE
C: \ WINDOWS \ system32 \ MSGP.EXE
C: \ WINDOWS \ system32 \ MTR2.EXE
C: \ WINDOWS \ system32 \ H @ TKEYSH @ @ K. DLL
C: \ WINDOWS \ system32 \ NETODE.EXE
C: \ WINDOWS \ system32 \ MEDUP012.DLL
C: \ WINDOWS \ system32 \ MEDUP020.DLL
C: \ WINDOWS \ system32 \ SSURF022.DLL
C: \ WINDOWS \ system32 \ MSNBHO.DLL
C: \ WINDOWS \ system32 \ BSVA-EGIHSG52.EXE
C: \ WINDOWS \ system32 \ PS1.EXE
C: \ WINDOWS \ system32 \ HXIWLGPM.DAT
C: \ WINDOWS \ system32 \ HXIWLGPM.EXE
C: \ WINDOWS \ system32 \ TAACK.DAT
C: \ WINDOWS \ system32 \ TAACK.EXE
C: \ WINDOWS \ system32 \ MWIN32.EXE
C: \ WINDOWS \ system32 \ VBIEWER.OCX
C: \ WINDOWS \ system32 \ HOPROXY.DLL
C: \ WINDOWS \ system32 \ WINLOGONPC.EXE
C: \ WINDOWS \ BDN.COM
C: \ WINDOWS \ MSSECU.EXE
C: \ WINDOWS \ WINSYSTEM.EXE
C: \ WINDOWS \ ITUNESMUSIC.EXE
C: \ WINDOWS \ A. BAT
C: \ WINDOWS \ BASE64.TMP
C: \ WINDOWS \ FVPROTECT.EXE
C: \ WINDOWS \ USERCONFIG9X.DLL
C: \ WINDOWS \ ZIP1.TMP
C: \ WINDOWS \ ZIP2.TMP
C: \ WINDOWS \ ZIP3.TMP
C: \ WINDOWS \ ZIPPED.TMP

Dpcproxy
C: \ WINDOWS \ system32 \ DPCPROXY.EXE

Unclassified.Unknown Origin / System
C: \ WINDOWS \ system32 \ PSOF1.EXE

Adware.Pacer D
C: \ WINDOWS \ system32 \ PSOFT1.EXE

Trojan.Dluca-I
C: \ WINDOWS \ system32 \ SNCNTR.EXE

Adware.Vundo-Variant / J
C: \ WINDOWS \ QRBGLTOS.DLL

Trojan.Net-MSV/VPS-Variant
C: \ WINDOWS \ GRFXBANOMOK.DLL

Adware.180solutions/Seekmo/Zango
C: \ Documents and Settings \ GUEST \ Skrivebord \ setup.exe

Adware.Tracking Cookie
C: \ Documents and Settings \ Gjest \ Cookies \ gjest @ DoubleClick [2]. Txt
C: \ Documents and Settings \ Gjest \ Cookies \ gjest @ serverer-sys [2]. Txt
C: \ Documents and Settings \ Gjest \ Cookies \ gjest @ atdmt [2]. Txt
C: \ Documents and Settings \ Gjest \ Cookies \ gjest @ TradeDoubler [2]. Txt
C: \ Documents and Settings \ Gjest \ Cookies \ guest@bs.serving-sys [2]. Txt

[lolli_pop]

MalwareByres Log:

Malwarebytes' Anti-Malware 1.30
Database versjon: 1324
Windows 5.1.2600 Service Pack 2

26/10/2008 23:09:02
mbam-log-2008-10-26 (23-09-02). txt

Scan type: Quick Scan
Objekter skannet: 52045
Tid brukt: 4 minutt (er), 36 sekund (er)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registernøkler Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 1

Memory Processes Infected:
(Ingen skadelige eks oppdaget)

Memory Modules Infected:
(Ingen skadelige eks oppdaget)

Registernøkler Infected:
(Ingen skadelige eks oppdaget)

Registry Values Infected:
(Ingen skadelige eks oppdaget)

Registry Data Items Infected:
(Ingen skadelige eks oppdaget)

Folders Infected:
C: \ Documents and Settings \ Gjest \ Lokale innstillinger \ Temp \ ac8zt2 (Trojan.FakeAlert) ->

Karantene og slettet.

Files Infected:
C: \ WINDOWS \ egsf.exe (Trojan.FakeAlert) -> karantene og slettet.

[evilfantasy]

Trenger HijackThis logg nå

[lolli_pop]

Sitat:

Originally Posted by jamesjon

NOD32 er det beste for trojaneren.

Care å utvide?

[evilfantasy]

Bare fortsett med innlegg loggene hvis du trenger hjelp.

[lolli_pop]

Logfile of Trend Micro HijackThis v2.0.2
Scan lagret 23:01:07, on 27/10/2008
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Kjører prosesser:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ progra ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
C: \ Programfiler \ WIDCOMM \ Bluetooth Software \ bin \ btwdins.exe
C: \ Programfiler \ Java \ jre6 \ bin \ jqs.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ Explorer.exe
C: \ progra ~ 1 \ AVG \ AVG8 \ avgrsx.exe
C: \ Program Files \ Cyberlink \ PowerDVD \ PDVDServ.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ Acer \ Styrke Technology \ eRecovery \ Monitor.exe
C: \ Programfiler \ Java \ jre6 \ bin \ jusched.exe
C: \ Programfiler \ BroadJump \ Client Foundation \ CFD.exe
C: \ Programfiler \ Virgin Broadband \ rådgiver \ Broadbandadvisor.exe
C: \ Programfiler \ TextBridge Pro Millennium \ Bin \ InstantAccess.exe
C: \ Programfiler \ Fellesfiler \ Real \ Update_OB \ realsched.exe
C: \ Programfiler \ iTunes \ iTunesHelper.exe
C: \ progra ~ 1 \ AVG \ AVG8 \ avgtray.exe
C: \ WINDOWS \ sm56hlpr.exe
C: \ Programfiler \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ WINDOWS \ system32 \ sistray.exe
C: \ Programfiler \ WIDCOMM \ Bluetooth Software \ BTTray.exe
C: \ Programfiler \ Ulead Systems \ Ulead Photo Express 3.0 SE \ CalCheck.exe
C: \ Programfiler \ iPod \ bin \ iPodService.exe
C: \ Programfiler \ Trust \ Easy Webscan 19200 \ ScanPanel \ ScnPanel.exe
C: \ Programfiler \ FinePixViewerS \ QuickDCF2.exe
C: \ progra ~ 1 \ WIDCOMM \ BLUETO ~ 1 \ BTSTAC ~ 1.EXE
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ HijackThis \ Analyse.exe.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://global.acer.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = *. local
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programfiler \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: StumbleUpon Launcher - (145B29F4-A56B-4b90-BBAC-45784EBEBBB7) - C: \ Programfiler \ StumbleUpon \ StumbleUponIEBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Programfiler \ AVG \ AVG8 \ avgssie.dll
O2 - BHO: Java (tm) Plug-In SSV Helper - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programfiler \ Java \ jre6 \ bin \ ssv.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - c: \ progra ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ Programfiler \ Google \ googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Programfiler \ Google \ GoogleToolbarNotifier \ 3.1.807.1746 \ sw g.dll
O2 - BHO: Java (tm) Plug-in 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Programfiler \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Programfiler \ Java \ jre6 \ lib \ distribuere \ jqs \ ie \ jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - (E99421FB-68DD-40F0-B4AC-B7027CAE2F1A) - C: \ Programfiler \ EPSON \ EPSON Web-To-Page \ EPSON Web-To-Page.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ Programfiler \ Google \ googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - (EE5D279F-081B-4404-994D-C6B60AAEBA6D) - C: \ Programfiler \ EPSON \ EPSON Web-To-Page \ EPSON Web-To-Page.dll
O3 - Toolbar: StumbleUpon Toolbar - (5093EB4C-3E93-40AB-9266-B607BA87BDC8) - C: \ Programfiler \ StumbleUpon \ StumbleUponIEBar.dll
O3 - Toolbar: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - c: \ progra ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL
O4 - HKLM \ .. \ Run: [LaunchApp] Alaunch
O4 - HKLM \ .. \ Run: [ntiMUI] C: \ Programfiler \ NewTech Infosystems \ NTI CD & DVD-Maker 7 \ ntiMUI.exe
O4 - HKLM \ .. \ Run: [RemoteControl] "C: \ Program Files \ Cyberlink \ PowerDVD \ PDVDServ.exe"
O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / Skjem bort / RemAdvDef / Migration32
O4 - HKLM \ .. \ Run: [MSPY2002] C: \ WINDOWS \ system32 \ IME \ PINTLGNT \ ImScInst.exe / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [SiSPower] rundll32.exe SiSPower.dll, ModeAgent
O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [eRecoveryService] C: \ Acer \ Styrke Technology \ eRecovery \ Monitor.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programfiler \ Java \ jre6 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [BJCFD] C: \ Programfiler \ BroadJump \ Client Foundation \ CFD.exe
O4 - HKLM \ .. \ Run: [Broadbandadvisor.exe] "C: \ Programfiler \ Virgin Broadband \ rådgiver \ Broadbandadvisor.exe" / AutoRun
O4 - HKLM \ .. \ Run: [InstantAccess] C: \ Programfiler \ TextBridge Pro Millennium \ Bin \ InstantAccess.exe / t
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Programfiler \ Fellesfiler \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programfiler \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Programfiler \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [AVG8_TRAY] C: \ progra ~ 1 \ AVG \ AVG8 \ avgtray.exe
O4 - HKLM \ .. \ Run: [SMSERIAL] sm56hlpr.exe
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Programfiler \ MSN Messenger \ MsnMsgr.Exe" / background
O4 - HKCU \ .. \ Run: [swg] C: \ Programfiler \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Startup: Comet Screensaver.lnk = C: \ Programfiler \ Comet Screensaver \ Comet Screensaver.exe
O4 - Startup: IMVU.lnk = C: \ Programfiler \ IMVU \ IMVUClient.exe
O4 - Startup: Tilbehør
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programfiler \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Utility Tray.lnk = C: \ WINDOWS \ system32 \ sistray.exe
O4 - Global Startup: Bluetooth.lnk =?
O4 - Global Startup: Ulead Photo Express 3.0 SE Kalender Checker.lnk = C: \ Programfiler \ Ulead Systems \ Ulead Photo Express 3.0 SE \ CalCheck.exe
O4 - Global Startup: ScanPanel.lnk = C: \ Programfiler \ Trust \ Easy Webscan 19200 \ ScanPanel \ ScnPanel.exe
O4 - Global Startup: Exif Launcher S.lnk =?
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Programfiler \ Fellesfiler \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O8 - Extra sammenheng menyelement: Legg til Windows & Live Favorites -- http://favorites.live.com/quickadd.aspx
O8 - Extra sammenheng menyelement: E & ksporter til Microsoft Excel - res: / / c: \ progra ~ 1 \ micros ~ 2 \ Office11 \ EXCEL.EXE/3000
O8 - Extra sammenheng menyelement: Send til & Bluetooth - C: \ Programfiler \ Belkin \ Bluetooth Software \ btsendto_ie_ctx.htm
O8 - Extra sammenheng menyelement: Send til & Bluetooth-enhet ... - C: \ Programfiler \ WIDCOMM \ Bluetooth Software \ btsendto_ie_ctx.htm
O8 - Extra sammenheng menyelement: StumbleUpon PhotoBlog It! - Res: / / StumbleUponIEBar.dll / blogimage
O9 - Extra knappen: StumbleUpon - (75C9223A-409A-4795-A3CA-08DE6B075B4B) - C: \ Programfiler \ StumbleUpon \ StumbleUponIEBar.dll
O9 - Extra knappen: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ progra ~ 1 \ micros ~ 2 \ Office11 \ REFIEBAR.DLL
O9 - Extra-knappen: @ btrez.dll, -4015 - (CCA281CA-C863-46ef-9331-5C8D4460577F) - C: \ Programfiler \ WIDCOMM \ Bluetooth Software \ btsendto_ie.htm
O9 - Extra "Verktøy" MENUITEM: @ btrez.dll, -12650 - (CCA281CA-C863-46ef-9331-5C8D4460577F) - C: \ Programfiler \ WIDCOMM \ Bluetooth Software \ btsendto_ie.htm
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra "Verktøy" MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra knappen: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O9 - Extra "Verktøy" MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O16 - DPF: (20A60F0D-9AFA-4515-A0FD-83BD84642501) (Checkers Klassifikasjon) -- http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter klasse) - C: \ Programfiler \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: (5C051655-FCD5-4969-9182-770EA5AA5565) (Solitaire Showdown klasse) -- http://messenger.zone.msn.com/binary...n.cab56986.cab
O16 - DPF: (5D6F45B3-9043-443D-A792-115447494D24) (UnoCtrl klasse) -- http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Klassifikasjon) -- http://update.microsoft.com/windowsu...?1177956484625
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Klassifikasjon) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (F5A7706B-B9C0-4C89-A715-7A0C6B05DD48) (Minesweeper Flags klasse) -- http://messenger.zone.msn.com/binary...r.cab56986.cab
O18 - Protocol: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Programfiler \ AVG \ AVG8 \ avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify:! SASWinLogon - C: \ Programfiler \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: AVG8 Watchdog (avg8wd) - AVG Technologies CZ, sro - C: \ progra ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C: \ Programfiler \ WIDCOMM \ Bluetooth Software \ bin \ btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Programfiler \ Fellesfiler \ Macrovision Shared \ FLEXnet Publisher \ FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Programfiler \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Programfiler \ iPod \ bin \ iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C: \ Programfiler \ Java \ jre6 \ bin \ jqs.exe

--
End of file - 11086 bytes


Jeg tror trojan (e) har kom fra søsteren min nedlasting av spill for henne telefonen, jeg er ikke sikker, men de er infiserer gjenopprette nå.