odri1

Medlemmer
  • Innholdsteller

    17
  • Ble med

  • Besøkte siden sist


Nettsamfunnsomdømme

0 ProPoeng

Om odri1

  • Rang
    Nyansatt

Min datamaskin

  • Operativsystem Windows 8

Profile Information

  • Fullt navn Odd Arne G. Risdal
  • Kjønn Mann

odri1 sin aktivitet

  1. odri1 la til et innlegg i et emne fareit.gen!j - Trenger hjelp snarest   

    Alt funker som normalt, så da er jo alt bra

    Takk igjen for hjelp.
    • 0
  2. odri1 la til et innlegg i et emne fareit.gen!j - Trenger hjelp snarest   

    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:17:45, on 01.11.2013 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.16384) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe C:\Users\Odd Arne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe C:\Users\Odd Arne\Desktop\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Odd Arne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\Odd Arne\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [skyDrive] "C:\Users\Odd Arne\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background O4 - Startup: Dropbox.lnk = C:\Users\Odd Arne\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google-oppdatering-tjenesten (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google-oppdatering-tjenesten (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9099 bytes
    • 0
  3. odri1 la til et innlegg i et emne fareit.gen!j - Trenger hjelp snarest   

    jeg fjernet alt, men dette var vel loggen før jeg hadde gjort det.

    Nå ser den slik ut:

    Malwarebytes Anti-Malware (Prøveversjon) 1.75.0.1300 www.malwarebytes.org Databaseversjon: v2013.10.31.08 Windows 8 x64 NTFS Internet Explorer 11.0.9600.16384 Odd Arne :: ODDARNE-PC [administrator] Beskyttelse: Aktivert 01.11.2013 12:49:41 mbam-log-2013-11-01 (12-49-41).txt Skanntype: Hurtigsøk Aktiverte skanningsinnstillinger: Minne | Oppstart | Register | Filsystem | Heuristikk/Ekstra | Heuristikk/Shuriken | PUP | PUM Deaktiverte skanninnstillinger: P2P Objekter skannet: 239570 Tid tilbakelagt: 4 minutt(er), 26 sekund(er) Minneprosesser oppdaget: 0 (Ingen skadelige objekter funnet) Minnemoduler oppdaget: 0 (Ingen skadelige objekter funnet) Registernøkler oppdaget: 0 (Ingen skadelige objekter funnet) Registerverdier oppdaget: 0 (Ingen skadelige objekter funnet) Registerfiler oppdaget: 0 (Ingen skadelige objekter funnet) Mapper oppdaget: 0 (Ingen skadelige objekter funnet) Filer oppdaget 0 (Ingen skadelige objekter funnet) (klar)
    • 0
  4. odri1 la til et innlegg i et emne fareit.gen!j - Trenger hjelp snarest   

    Malwarebytes Anti-Malware (Prøveversjon) 1.75.0.1300 www.malwarebytes.org Databaseversjon: v2013.10.31.08 Windows 8 x64 NTFS Internet Explorer 11.0.9600.16384 Odd Arne :: ODDARNE-PC [administrator] Beskyttelse: Aktivert 01.11.2013 00:19:37 MBAM-log-2013-11-01 (00-23-27).txt Skanntype: Hurtigsøk Aktiverte skanningsinnstillinger: Minne | Oppstart | Register | Filsystem | Heuristikk/Ekstra | Heuristikk/Shuriken | PUP | PUM Deaktiverte skanninnstillinger: P2P Objekter skannet: 238728 Tid tilbakelagt: 3 minutt(er), 33 sekund(er) Minneprosesser oppdaget: 0 (Ingen skadelige objekter funnet) Minnemoduler oppdaget: 0 (Ingen skadelige objekter funnet) Registernøkler oppdaget: 0 (Ingen skadelige objekter funnet) Registerverdier oppdaget: 2 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|AS2014 (Malware.Packer.OMG) -> Data: C:\ProgramData\allXDrpn\allXDrpn.exe -> Ingen tiltak tatt. HKCU\Control Panel\don't load|wscui.cpl (Hijack.SecurityCenter) -> Data: No -> Ingen tiltak tatt. Registerfiler oppdaget: 0 (Ingen skadelige objekter funnet) Mapper oppdaget: 0 (Ingen skadelige objekter funnet) Filer oppdaget 2 C:\ProgramData\allXDrpn\allXDrpn.exe (Malware.Packer.OMG) -> Ingen tiltak tatt. C:\ProgramData\YTD Video Downloader\ytd_installer.exe (PUP.Optional.Spigot.A) -> Ingen tiltak tatt. (klar)
    • 0
  5. odri1 la til et emne i Logger til analyse   

    fareit.gen!j - Trenger hjelp snarest
    Har blitt angrepet av virus/trojan for andre gang i år.

    "fareit.gen!j" er funnet i Windows Defender, og klarer ikke å fjerne dette. Kommer også opp popups med falske antivirus program på skrivebordet.

    Kjører Windows 8.

    Har lest såpass at viruset er alvorlig, så hadde vært fint om noen kunne veilede meg til å fjerne det riktig.

    • 8 svar
    • visninger
  6. odri1 la til et innlegg i et emne "AMD Skjermdriver sluttet å svare, og er blitt gjenopprettet"   

    Lastet ned noe "catalyst control center" som skulle installere noe. Fikk da opp loggen:




    <?xml version="1.0"?> <?xml-stylesheet type="text/xsl" href="Report.xml.xsl"?> <monetreport xmlns:dt="urn:schemas-microsoft-com:datatypes"> <general> <cmdline>-UI </cmdline> <time>05/10/13 14:20:13</time> <action>install</action> <download></download> </general> <dcm> <primary> <name>AMD Radeon Graphics Processor</name> <manufacture>Advanced Micro Devices, Inc.</manufacture> <chiptype></chiptype> <chipid>0x9440</chipid> <vendorid>0x1002</vendorid> <ssid>0x2267</ssid> <ssvid>0x1787</ssvid> <classcode>0x030000</classcode> <revisionid>0x00</revisionid> </primary> <device> <name></name> <manufacture>Advanced Micro Devices, Inc.</manufacture> <chiptype></chiptype> <chipid>0xaa30</chipid> <vendorid>0x1002</vendorid> <ssid>0xaa30</ssid> <ssvid>0x1787</ssvid> <classcode>0x040300</classcode> <revisionid>0x00</revisionid> </device> </dcm> <exist> </exist> <install> <package> <description>AMD Catalyst Installasjonsbehandler</description> <result>Succeed</result> <version>8.0.877.0</version> <size>20 </size> </package> <package> <description>AMD APP SDK Runtime</description> <result>Succeed</result> <version>10.0.937.2</version> <size>90 </size> </package> <package> <description>AMD-skjermdriver</description> <result>Succeed</result> <version>8.970.100.7000</version> <size>90 </size> </package> <package> <description>Microsoft Visual C++ 2010 Redistributable 64bit</description> <result>Succeed</result> <version>10.0.30319</version> <size>9 </size> </package> <package> <description>AMD Accelerated Video Transcoding</description> <result>Succeed</result> <version>12.5.100.21116</version> <size>3 </size> </package> <package> <description>AMD dra og slipp-omkoding</description> <result>Succeed</result> <version>2.00.0000</version> <size>1 </size> </package> <package> <description>AMD Media Foundation dekodere</description> <result>Succeed</result> <version>1.0.71116.1554</version> <size>1 </size> </package> <package> <description>Catalyst Control Center</description> <result>Succeed</result> <version>2012.1116.1515.27190</version> <size>150 </size> </package> </install> <uninstall> </uninstall> <downloaded> </downloaded> <resource> <hwinfo>Informasjon om maskinvare</hwinfo> <existpkg>Eksisterende pakker</existpkg> <pkg2inst>Pakker for installering</pkg2inst> <pkg2uninst>Pakker for avinstallering</pkg2uninst> <otherdev>Andre enheter som er funnet</otherdev> <errmsg>Feilmeldinger</errmsg> <name>Navn</name> <manufacture>Produsent</manufacture> <chiptype>Brikketype</chiptype> <chipid>Enhets-ID</chipid> <otherhw>Annen maskinvare</otherhw> <download>Last ned pakker</download> <succeed>Fullført</succeed> <fail>Mislyktes</fail> <vendorid>Leverandør-ID</vendorid> <classcode>Klassekode</classcode> <revisionid>Utgave-ID</revisionid> <ssid>Delsystem-ID</ssid> <ssvid>ID for leverandør av delsystem</ssvid> <header1>Catalyst™ installasjonsbehandling</header1> <header2>Installasjonsrapport</header2> <finalstatus>Sluttstatus:</finalstatus> <versionofitem>Objektversjon:</versionofitem> <size>Størrelse:</size> <bytes>MB</bytes> </resource> </monetreport>

    Sier dette deg noe?
    • 0
  7. odri1 la til et innlegg i et emne "AMD Skjermdriver sluttet å svare, og er blitt gjenopprettet"   

    "Den beste driverprogramvaren for enheten er allerede installert"

    "Driverprogramvaren for enheten er oppdatert"

    "ati radeon hd 4800 series (microsoft corporation - wddm v1.1"
    • 0
  8. odri1 la til et emne i PC-hjelp   

    "AMD Skjermdriver sluttet å svare, og er blitt gjenopprettet"
    Får denne feilmeldingen hele tiden. Skjermen flasher noen ganger før den slår seg av.

    Noen som kan hjelpe med å fikse dette problemet, og veilede?
    • 5 svar
    • visninger
  9. odri1 la til et innlegg i et emne Alureon - Hvordan bli kvitt fortest mulig?   

    Har nå dukket opp et nytt problem på pcen. Hver gang jeg spiller Football Manager (sikkert andre spill også) så går skjermen i svart, og blinker. Feilmeldingen som kommer opp er "Skjermdriveren har slutten å svare, og er blitt gjennopprettet - "Skjermdriveren AMD driver sluttet å svare, og er blitt gjennopprettet".

    Er kun i spill dette problemet kommer.
    • 0
  10. odri1 la til et innlegg i et emne Alureon - Hvordan bli kvitt fortest mulig?   

    "searchsettings.exe eller "ApplicationUpdated.exe" fant jeg ikke.


    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:16:50, on 14.02.2013 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.16482) Boot mode: Normal Running processes: C:\Users\Odd Arne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\PROGRA~2\MICROS~2\Office14\WINWORD.EXE C:\Windows\SysWOW64\prevhost.exe C:\Users\Odd Arne\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sol.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Odd Arne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\Odd Arne\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google-oppdatering-tjenesten (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google-oppdatering-tjenesten (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 7759 bytes
    • 0
  11. odri1 la til et innlegg i et emne Alureon - Hvordan bli kvitt fortest mulig?   

    Får ingen varsler fra defender nå, tusen takk for all hjelp!

    Bør jeg skaffe meg et nytt virusprogram, i så fall hvilket?
    • 0
  12. odri1 la til et innlegg i et emne Alureon - Hvordan bli kvitt fortest mulig?   

    aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software Run date: 2013-02-09 00:49:51 ----------------------------- 00:49:51.261 OS Version: Windows x64 6.2.9200 00:49:51.261 Number of processors: 2 586 0x170A 00:49:51.262 ComputerName: ODDARNE-PC UserName: Odd Arne 00:49:53.264 Initialize success 00:49:58.554 AVAST engine defs: 13020800 00:50:15.763 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 00:50:15.763 Disk 0 Vendor: WDC_WD6400AAKS-22A7B0 01.03B01 Size: 610480MB BusType: 3 00:50:15.778 Disk 0 MBR read successfully 00:50:15.778 Disk 0 MBR scan 00:50:15.778 Disk 0 Windows 7 default MBR code 00:50:15.794 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 306314 MB offset 2048 00:50:15.809 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 304163 MB offset 627333120 00:50:15.872 Disk 0 scanning C:\WINDOWS\system32\drivers 00:50:31.643 Service scanning 00:50:44.467 Modules scanning 00:50:44.467 Disk 0 trace - called modules: 00:50:44.482 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys hal.dll PCIIDEX.SYS atapi.sys 00:50:44.498 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bee060] 00:50:44.498 3 CLASSPNP.SYS[fffff880012028aa] -> nt!IofCallDriver -> [0xfffffa80046a8520] 00:50:44.498 5 ACPI.sys[fffff8800100ca91] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa80046aa600] 00:50:45.964 AVAST engine scan C:\WINDOWS 00:51:09.115 AVAST engine scan C:\WINDOWS\system32 00:56:24.367 AVAST engine scan C:\WINDOWS\system32\drivers 00:57:00.918 AVAST engine scan C:\Users\Odd Arne 01:04:22.044 AVAST engine scan C:\ProgramData 01:04:57.113 Scan finished successfully 01:06:23.990 Disk 0 MBR has been saved successfully to "C:\Users\Odd Arne\Desktop\virus\MBR.dat" 01:06:23.990 The log file has been saved successfully to "C:\Users\Odd Arne\Desktop\virus\aswMBR.txt"
    • 0
  13. odri1 la til et innlegg i et emne Alureon - Hvordan bli kvitt fortest mulig?   

    http://www.sendspace.com/file/flbw47 - linken til fila.

    Loggen:

    aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software Run date: 2013-02-08 13:51:57 ----------------------------- 13:51:57.564 OS Version: Windows x64 6.2.9200 13:51:57.564 Number of processors: 2 586 0x170A 13:51:57.580 ComputerName: ODDARNE-PC UserName: Odd Arne 13:51:58.547 Initialize success 13:52:03.788 AVAST engine defs: 13020800 13:52:12.119 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 13:52:12.119 Disk 0 Vendor: WDC_WD6400AAKS-22A7B0 01.03B01 Size: 610480MB BusType: 3 13:52:12.134 Disk 0 MBR read successfully 13:52:12.134 Disk 0 MBR scan 13:52:12.150 Disk 0 Windows 7 default MBR code 13:52:12.150 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 306314 MB offset 2048 13:52:12.181 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 304163 MB offset 627333120 13:52:12.197 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 1 MB offset 1250260992 13:52:12.197 Disk 0 Partition 3 **INFECTED** MBR:Alureon-K [Rtk] 13:52:12.197 Disk 0 MBR [sST] **ROOTKIT** 13:52:12.213 Disk 0 trace - called modules: 13:52:12.213 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys hal.dll PCIIDEX.SYS atapi.sys 13:52:12.213 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bee060] 13:52:12.213 3 CLASSPNP.SYS[fffff880012028aa] -> nt!IofCallDriver -> [0xfffffa80046a8520] 13:52:12.228 5 ACPI.sys[fffff8800100ca91] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa80046aa600] 13:52:13.273 AVAST engine scan C:\WINDOWS 13:52:14.787 AVAST engine scan C:\WINDOWS\system32 13:54:16.862 AVAST engine scan C:\WINDOWS\system32\drivers 13:54:24.818 AVAST engine scan C:\Users\Odd Arne 13:56:09.105 Disk 0 MBR has been saved successfully to "C:\Users\Odd Arne\Desktop\MBR.dat" 13:56:09.105 The log file has been saved successfully to "C:\Users\Odd Arne\Desktop\aswMBR.txt"
    • 0
  14. odri1 la til et innlegg i et emne Alureon - Hvordan bli kvitt fortest mulig?   

    Er dette alt?




    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:18:08, on 07.02.2013 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.16453) Boot mode: Normal Running processes: C:\Program Files (x86)\Steam\Steam.exe C:\Users\Odd Arne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Odd Arne\AppData\Roaming\Spotify\spotify.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\prevhost.exe C:\Users\Odd Arne\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sol.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.7\ytdToolbarIE.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.7\ytdToolbarIE.dll O3 - Toolbar: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.7\ytdToolbarIE.dll O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Odd Arne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\Odd Arne\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google-oppdatering-tjenesten (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google-oppdatering-tjenesten (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9195 bytes -------- Defender oppdager den bare, trykker på fjerne, og den må restartes. Men viruset dukker alltid opp igjen. Fikk et varsel for lenge siden, men gjorde aldri noe med det. Så det har potensielt vært der en liten stund. Eneste problemet jeg har er problemer med DNS, få plutselig ikke lastet sider. Må ta ut og inn nettkablen.
    • 0
  15. odri1 la til et innlegg i et emne Alureon - Hvordan bli kvitt fortest mulig?   

    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:18:08, on 07.02.2013 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.16453) Boot mode: Normal Running processes: C:\Program Files (x86)\Steam\Steam.exe C:\Users\Odd Arne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Odd Arne\AppData\Roaming\Spotify\spotify.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\prevhost.exe C:\Users\Odd Arne\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sol.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.7\ytdToolbarIE.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.7\ytdToolbarIE.dll O3 - Toolbar: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.7\ytdToolbarIE.dll O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    • 0