
Facebook virus?


kajje


I was foolish enough to accept a mail on Facebook a while ago, and since then the computer has not been the same. I have tried everything a beginner can do, i.e. system restore and trying x number of antivirus programs. Right now I have the avast antivirus program, which puts viruses in quarantine, including a Trojan horse. But the problem remains. What happens is that at regular intervals a web page pops up via Internet Explorer (I use Google Chrome). This is very annoying; can anyone help me, possibly? =S


Can you paste in a log from Avast that shows which files and folders are involved?

We can see what DDS shows to begin with. Save DDS to the Desktop.

http://download.bleepingcomputer.com/sUBs/dds.scr

Start the program by double-clicking it.

Press Yes/Ja if the question about Optional Scan appears.

In your reply, paste in the log DDS.txt, and attach Attach.txt as a file.


Very grateful for your quick reply. However, I have trouble opening the file you sent; Google Chrome says it cannot find the page, and Firefox likewise. Also, pasting in the log from avast doesn't seem to work, but I can type out what I see and hope that it helps..?

 

Name: dToaFAHcMybgV775VnWiBd(1).pdf
Original location: C:/Users/Marcus/Appdata/Local/MicrosoftWindows/Temporary internet files/Content.IE5/4OSKDBNE
Virus: JS:Pdfka-UL (Expl)

Name: eee449(1).htm
Original location: C:/Users/Marcus/Appdata/Local/MicrosoftWindows/Temporary internet files/Content.IE5/4OSKDBNE
Virus: JS:Downloader-GR (Trj)

Name: mscjm.exe
Original location: C:/Users/Marcus/Appdata/Roaming/MSA
Virus: Win32:Malware-gen

Name: nUzNsUO2IyDLvmORd(1).pdf
Original location: C:/Users/Marcus/Appdata/Local/MicrosoftWindows/Temporary internet files/Content.IE5/DR1MI1WD
Virus: JS:Pdfka-UL (Expl

Name: upgrade(1).cab
Original location: C:/Windows/system32/config/Systemprofile/appdata/Local/MicrosoftWindows/Temporary internet files/Content.IE5/1KDY03ZD
Virus: Win32:Adware-gen (Adw)

 

 

 

Perhaps a bit cumbersome, but worth a try!


Four of them are parts of web pages, so you have visited one or more web pages containing components that (try to) install malicious programs on the computer.

It looks like you are infected by something that blocks certain websites. Have you noticed any of that before?

See if the following works:

Save OTL to the Desktop.

http://oldtimer.geekstogo.com/OTL.exe

Close all programs.

Run OTL (in Vista, right-click and choose Run as administrator).

Under Output near the top, select Minimal Output.

Tick LOP Check and Purity Check.

Press Run Scan and let the program run undisturbed.

When it is finished, two log files are created on the Desktop, OTL.txt and Extras.txt. In your reply, paste in the log OTL.txt, and attach Extras.txt as a file.


Typically enough, that doesn't work either. Apparently that file can't be found. What a damn virus.


I'm pasting in the logs so that it is easy to search for what they contain and easy to go back later and compare.

 

 

DDS (Ver_10-03-17.01) - NTFSx86

Run by Marcus at 15:06:12,13 on 2010-06-28

Internet Explorer: 7.0.6000.16982 BrowserJavaVersion: 1.6.0_16

Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.46.1053.18.1014.132 [GMT 2:00]

 

AV: avast! Antivirus *On-access scanning enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

SP: Spyware Doctor *disabled* (Updated) {1C3EDD79-273E-46ac-99F8-EFA9E7CBC301}

SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

SP: avast! Antivirus *enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Users\Marcus\AppData\Local\Temp\Yvr.exe

C:\Users\Marcus\AppData\Local\Temp\Yvq.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Windows\system32\agrsmsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k captcha

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Windows\system32\svchost.exe -k tapisrvs

C:\Program Files\com hem security\backweb\8910145\program\fsbwsys.exe

C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Spyware Doctor\pctsAuxs.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\TOSHIBA\Utilities\KeNotify.exe

C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE

C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE

C:\Program Files\Spyware Doctor\pctsTray.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Windows\ehome\ehtray.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe

C:\Users\Marcus\AppData\Roaming\MSA\mscj.exe

C:\Windows\System32\rundll32.exe

C:\Users\Marcus\AppData\Roaming\MSA\mscj.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Apoint2K\ApMsgFwd.exe

C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Program Files\Internet Explorer\IEUser.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Windows\system32\conime.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\3\3Connect\AutoUpdateSrv.exe

C:\Program Files\3\3Connect\wilog.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Windows Live\Toolbar\wltuser.exe

C:\Users\Marcus\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskeng.exe

C:\Users\Marcus\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wuauclt.exe

C:\Users\Marcus\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Marcus\Downloads\dds.scr

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uSearch Page = hxxp://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR

uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZVfox000&ptb=SZy7wJ1AKQTVmaOSdqGxNw

uSearch Bar = hxxp://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR

uSearchURL,(Default) = hxxp://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR

uURLSearchHooks: N/A: {00a6faf6-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL

BHO: MyWebSearch Search Assistant BHO: {00a6faf1-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll

BHO: mwsBar BHO: {07b18ea1-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: My Web Search: {07b18ea9-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL

TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe"

uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe

uRun: [Azjaq] rundll32 "c:\users\marcus\appdata\roaming\msacm32S.dll",OVRPRHDNSM

uRun: [Halo2] rundll32.exe c:\users\marcus\appdata\local\temp\sshnas21.dll,Beep16

uRun: [M5T8QL3YW3] c:\users\marcus\appdata\local\temp\Yvr.exe

uRun: [mscj.exe] c:\users\marcus\appdata\roaming\msa\mscj.exe

uRun: [mscjm.exe] c:\users\marcus\appdata\roaming\msa\mscjm.exe

uRun: [avinvwrmulti] rundll32.exe "c:\users\marcus\appdata\local\avinvwrmulti\avinvwrmulti.dll", DllInit

uRun: [mscjm] c:\users\marcus\appdata\roaming\msa\mscjm.exe

uRun: [mscj] c:\users\marcus\appdata\roaming\msa\mscj.exe

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [Google Update] "c:\users\marcus\appdata\local\google\update\GoogleUpdate.exe" /c

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe

mRun: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe

mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe

mRun: [HWSetup] c:\program files\toshiba\utilities\HWSetup.exe hwSetUP

mRun: [sVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL

mRun: [NDSTray.exe] NDSTray.exe

mRun: [topi] c:\program files\toshiba\toshiba online product information\topi.exe -startup

mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [Apoint] c:\program files\apoint2k\Apoint.exe

mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaRegistration.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sysfbtray] c:\windows\bill103.exe

mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h

mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe

mRun: [iSTray] "c:\program files\spyware doctor\pctsTray.exe"

mRun: [HDInspector.exe] c:\program files\hard drive inspector\HDInspector.exe

mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bankid~1.lnk - c:\program files\personal\bin\Personal.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\comhem~1.lnk - c:\program files\com hem security\backweb\8910145\program\fspex.exe

IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?s=100000346&p=ZVfox000&si=&a=SZy7wJ1AKQTVmaOSdqGxNw&n=2010051412

IE: E&xportera till Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?SW

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: {7681FD3E-7E8C-4A2D-B0E0-73D6B601AB78} = 80.251.201.177 80.251.201.178

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Notify: igfxcui - igfxdev.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\marcus\appdata\roaming\mozilla\firefox\profiles\5sdh7ofp.default\

FF - prefs.js: browser.search.selectedEngine - MyWebSearch

FF - prefs.js: browser.startup.homepage - hxxp://www.google.se/

FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVfox000&ptb=SZy7wJ1AKQTVmaOSdqGxNw&psa=&ind=2010051412&ptnrS=ZVfox000&si=&st=kwd&n=77cef354&searchfor=

FF - prefs.js: network.proxy.type - 2

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\mywebsearch\bar\1.bin\NPMYWEBS.DLL

FF - plugin: c:\program files\personal\bin\np_prsnl.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\marcus\appdata\local\google\update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: c:\users\marcus\appdata\roaming\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\users\marcus\appdata\roaming\mozilla\firefox\profiles\5sdh7ofp.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

 

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");

c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

 

============= SERVICES / DRIVERS ===============

 

R1 apto6ko;VSSShellExt AFD IPSEC Lookup AutoCompleted Kernel Standard;c:\windows\system32\drivers\imapioko.sys [2006-1-23 32768]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-6-9 162640]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-6-9 19024]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-6-9 51792]

S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-1-1 54632]

 

=============== Created Last 30 ================

 

2010-06-09 14:45:36 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2010-06-01 12:28:29 0 d-----w- c:\programdata\AltrixSoft

2010-06-01 12:27:55 0 d-----w- c:\program files\Hard Drive Inspector

2010-06-01 12:27:49 0 d-----w- c:\program files\common files\AltrixSoft

2010-05-31 21:48:03 7383 ----a-w- c:\windows\system32\drivers\pctplsg.cat

2010-05-31 21:48:03 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys

2010-05-31 21:47:41 0 d-----w- c:\program files\common files\PC Tools

2010-05-31 21:47:40 0 d-----w- c:\users\marcus\appdata\roaming\PC Tools

2010-05-31 21:47:40 0 d-----w- c:\programdata\PC Tools

2010-05-31 21:47:40 0 d-----w- c:\program files\Spyware Doctor

2010-05-31 21:46:14 0 d---a-w- c:\programdata\TEMP

2010-05-30 19:47:40 65536 --sha-w- c:\users\marcus\ntuser.dat{a0949960-6c20-11df-badf-99ccbfff6035}.TM.blf

2010-05-30 19:47:40 524288 --sha-w- c:\users\marcus\ntuser.dat{a0949960-6c20-11df-badf-99ccbfff6035}.TMContainer00000000000000000002.regtrans-ms

2010-05-30 19:47:40 524288 --sha-w- c:\users\marcus\ntuser.dat{a0949960-6c20-11df-badf-99ccbfff6035}.TMContainer00000000000000000001.regtrans-ms

2010-05-29 15:51:48 0 d-----w- c:\users\marcus\appdata\roaming\MSA

 

==================== Find3M ====================

 

2010-05-31 19:47:34 81514 ----a-w- c:\windows\system32\perfc01D.dat

2010-05-31 19:47:34 472414 ----a-w- c:\windows\system32\perfh01D.dat

2010-05-28 16:17:05 157696 --sha-r- c:\users\marcus\appdata\roaming\msacm32S.dll

2010-05-14 14:44:27 32768 ----a-w- c:\windows\system32\f3PSSavr.scr

2010-05-13 17:10:11 51200 ----a-w- c:\windows\inf\infpub.dat

2010-05-13 17:10:10 86016 ----a-w- c:\windows\inf\infstor.dat

2010-05-13 17:10:09 143360 ----a-w- c:\windows\inf\infstrng.dat

2010-05-09 14:10:44 1136 ----a-w- c:\users\marcus\appdata\roaming\wklnhst.dat

2008-12-11 10:02:39 174 --sha-w- c:\program files\desktop.ini

2008-06-12 09:31:50 665600 ----a-w- c:\windows\inf\drvindex.dat

2006-11-21 05:00:30 35978 ----a-w- c:\windows\inf\perflib\041d\perfd.dat

2006-11-21 05:00:30 35978 ----a-w- c:\windows\inf\perflib\041d\perfc.dat

2006-11-21 05:00:30 290490 ----a-w- c:\windows\inf\perflib\041d\perfi.dat

2006-11-21 05:00:30 290490 ----a-w- c:\windows\inf\perflib\041d\perfh.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

2010-03-09 05:17:57 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\cookies\index.dat

2010-03-09 05:17:57 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\history\history.ie5\index.dat

2010-03-09 05:17:57 32768 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\temporary internet files\content.ie5\index.dat

2010-03-15 12:42:46 16384 --sha-w- c:\windows\temp\cookies\index.dat

2010-03-15 12:42:46 32768 --sha-w- c:\windows\temp\history\history.ie5\index.dat

2010-03-15 12:42:46 32768 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat

 

============= FINISH: 15:11:42,50 ===============

 

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_10-03-17.01)

 

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 2007-08-05 13:47:47

System Uptime: 2010-06-28 14:54:45 (1 hours ago)

 

Motherboard: TOSHIBA | | ISKAE

Processor: Intel® Core™ Duo CPU T2350 @ 1.86GHz | U2E1 | 1862/mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 56 GiB total, 10,191 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 54 GiB total, 54,339 GiB free.

F: is CDROM ()

G: is CDROM (CDFS)

H: is Removable

I: is Removable

 

==== Disabled Device Manager Items =============

 

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft 6to4 Adapter

Device ID: ROOT\*6TO4MP\0015

Manufacturer: Microsoft

Name: 6TO4 Adapter

PNP Device ID: ROOT\*6TO4MP\0015

Service: tunnel

 

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft 6to4 Adapter

Device ID: ROOT\*6TO4MP\0022

Manufacturer: Microsoft

Name: 6TO4 Adapter

PNP Device ID: ROOT\*6TO4MP\0022

Service: tunnel

 

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft 6to4 Adapter

Device ID: ROOT\*6TO4MP\0029

Manufacturer: Microsoft

Name: 6TO4 Adapter

PNP Device ID: ROOT\*6TO4MP\0029

Service: tunnel

 

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft 6to4 Adapter

Device ID: ROOT\*6TO4MP\0030

Manufacturer: Microsoft

Name: 6TO4 Adapter

PNP Device ID: ROOT\*6TO4MP\0030

Service: tunnel

 

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft ISATAP Adapter

Device ID: ROOT\*ISATAP\0008

Manufacturer: Microsoft

Name: isatap.{31D0B158-A20C-4758-8D3B-1D5587FF1E26}

PNP Device ID: ROOT\*ISATAP\0008

Service: tunnel

 

==== Installed Programs ======================

 

 

32 Bit HP CIO Components Installer

3Connect

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 7.0.9 - Svenska

ALPS Touch Pad Driver

Apple Mobile Device Support

Apple Software Update

avast! Free Antivirus

BankID säkerhetsprogram 4.10.4

Bluetooth Stack for Windows by Toshiba

Bonjour

CD/DVD Drive Acoustic Silencer

com hem security

DJ_AIO_06_F2400_SW_Min

DNSkarmslackare Screen Saver

DVD MovieFactory for TOSHIBA

Facebook Plug-In

Feedidentifiering (Windows Live Toolbar)

Google Chrome

Google Earth

Hard Drive Inspector Professional 3.80 build # 352

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Deskjet F2400 All-In-One Driver 13.0 Rel .6

Huawei modem

Intel® Graphics Media Accelerator Driver

iTunes

Java™ 6 Update 16

Junk Mail filter update

Microsoft .NET Framework 3.5 Language Pack SP1 - sve

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (Swedish) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel 2007 Help Uppdatering (KB963678)

Microsoft Office Excel MUI (Swedish) 2007

Microsoft Office Groove MUI (Swedish) 2007

Microsoft Office InfoPath MUI (Swedish) 2007

Microsoft Office Live Add-in 1.3

Microsoft Office OneNote MUI (Swedish) 2007

Microsoft Office Outlook MUI (Swedish) 2007

Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669)

Microsoft Office PowerPoint MUI (Swedish) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Finnish) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Swedish) 2007

Microsoft Office Proofing (Swedish) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (Swedish) 2007

Microsoft Office Shared MUI (Swedish) 2007

Microsoft Office Word 2007 Help Uppdatering (KB963665)

Microsoft Office Word MUI (Swedish) 2007

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Works

Microsoft XML Parser

Mobile Connect

Mozilla Firefox (3.0.19)

MSVCRT

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

My Web Search (IWON)

NVIDIA Drivers

OpenOffice.org Installer 1.0

PC Connectivity Solution

QuickTime

Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista

Realtek High Definition Audio Driver

Scan

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB978380)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft Office Excel 2007 (KB978382)

Security Update for Microsoft Office Outlook 2007 (KB972363)

Security Update for Microsoft Office PowerPoint 2007 (KB957789)

Security Update for Microsoft Office Publisher 2007 (KB969693)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB969613)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Windows Media Encoder (KB954156)

Smarta menyer (Windows Live Toolbar)

Spotify

Språkpaket för Microsoft .NET Framework 3.5 SP 1 - sve

Spyware Doctor 7.0

Texas Instruments PCIxx21/x515/xx12 drivers.

TIPCI

Toolbox

TOSHIBA Administratörslösenord

TOSHIBA Assist

TOSHIBA ConfigFree

TOSHIBA Disc Creator

TOSHIBA Extended Tiles for Windows Mobility Center

TOSHIBA Flash Cards Support Utility

TOSHIBA Hardware Setup

Toshiba Online Product Information

TOSHIBA SD Memory Utilities

TOSHIBA Software Modem

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

TOSHIBAs maskinvaruinstallningar

Update for 2007 Microsoft Office System (KB967642)

Update for 2007 Microsoft Office System (KB977724)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office InfoPath 2007 (KB976416)

Update for Microsoft Office Word 2007 (KB974561)

Update for Outlook 2007 Junk Email Filter (kb979895)

Utility Common Driver

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live inloggningsassistenten

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live OneCare safety scanner

Windows Live Photo Gallery

Windows Live Sync

Windows Live Toolbar

Windows Live Upload Tool

Windows Live Writer

Windows Media Encoder 9 Series

WinDVD for TOSHIBA

WinRAR archiver

 

==== End Of File ===========================
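A triage sketch for the uRun/mRun autostart lines of a DDS log like the one above, added here as an example and not part of the original thread or of DDS itself: it extracts the file each entry launches and lists the entries that start from a user profile's AppData or from a Temp folder. The function names and the location heuristic are assumptions of this example; the sample lines are copied from the log above.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Sample input: autostart lines copied from the DDS log in this thread.
SAMPLE_DDS = r'''
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [Azjaq] rundll32 "c:\users\marcus\appdata\roaming\msacm32S.dll",OVRPRHDNSM
uRun: [Halo2] rundll32.exe c:\users\marcus\appdata\local\temp\sshnas21.dll,Beep16
uRun: [M5T8QL3YW3] c:\users\marcus\appdata\local\temp\Yvr.exe
uRun: [mscjm.exe] c:\users\marcus\appdata\roaming\msa\mscjm.exe
uRun: [Google Update] "c:\users\marcus\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
'''

# "uRun" = per-user Run key, "mRun" = machine-wide Run key in DDS output.
RUN_LINE = re.compile(r'^(?P<hive>[um]Run): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$')
# rundll32 as the launcher, with or without a directory prefix and quotes.
RUNDLL32 = re.compile(r'(?i)^"?(?:[^"]*\\)?rundll32(?:\.exe)?"?\s+(?P<rest>.+)$')
# Unquoted paths may contain spaces, so cut at the first executable extension.
FILE_END = re.compile(r'(?i)^(.+?\.(?:exe|dll|com|scr|pif|bat|cmd))(?=[\s,]|$)')
TEMP_DIR = re.compile(r'(?i)\\(?:appdata\\local\\temp|windows\\temp)\\')
PROFILE_DIR = re.compile(r'(?i)^[a-z]:\\users\\[^\\]+\\appdata\\')


class Finding(NamedTuple):
    hive: str
    name: str
    target: str
    location: str
    via_rundll32: bool


def _first_path(text: str) -> str:
    """Return the leading file path of a command line, quoted or not."""
    text = text.strip()
    if text.startswith('"'):
        end = text.find('"', 1)
        return text[1:end] if end != -1 else text[1:]
    match = FILE_END.match(text)
    return match.group(1) if match else text.split()[0]


def launch_target(cmd: str) -> Tuple[str, bool]:
    """Return (file that actually gets loaded, whether rundll32 loads it)."""
    match = RUNDLL32.match(cmd.strip())
    if match:
        # For rundll32 the interesting file is the DLL argument, not rundll32.
        return _first_path(match.group('rest')), True
    return _first_path(cmd), False


def location(path: str) -> Optional[str]:
    """Classify user-writable launch locations; None means not flagged."""
    if TEMP_DIR.search(path):
        return 'temp'
    if PROFILE_DIR.match(path):
        return 'user-profile'
    return None


def suspicious_autoruns(dds_text: str) -> List[Finding]:
    """List Run entries whose target lives in AppData or a Temp folder."""
    findings = []
    for line in dds_text.splitlines():
        match = RUN_LINE.match(line.strip())
        if not match:
            continue
        target, via_rundll32 = launch_target(match.group('cmd'))
        where = location(target)
        if where:
            findings.append(Finding(match.group('hive'), match.group('name'),
                                    target, where, via_rundll32))
    return findings


if __name__ == '__main__':
    for f in suspicious_autoruns(SAMPLE_DDS):
        loader = 'rundll32' if f.via_rundll32 else 'direct'
        print(f'{f.hive:5} {f.location:13} {loader:9} [{f.name}] {f.target}')
```

Per-user installers such as Google Update also start from AppData, so the result is a list to review, not a verdict on each entry.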


Uninstall My Web Search (IWON)

 

Save RKill by Grinler to the Desktop. Download it from the first of these links:

http://download.bleepingcomputer.com/grinler/rkill.com

http://download.bleepingcomputer.com/grinler/rkill.pif

http://download.bleepingcomputer.com/grinler/rkill.scr

http://download.bleepingcomputer.com/grinler/rkill.exe

 

Start RKill (in Vista and Windows 7 by right-clicking the file and choosing Run as administrator, if that option exists).

A black window/box appears for a while if the program managed to run. In that case, run RKill two more times.

If no black window/box appeared, delete that RKill variant and repeat with the next RKill.

If you get a message saying that RKill is malicious, ignore it. It is the malicious program that does not want to be stopped. Leave the warning on the screen and run RKill once more.

 

Download Malwarebytes Anti-Malware (MBAM) from one of these links:

http://www.malwarebytes.org/mbam-download.php

http://majorgeeks.com/downloadget.php?id=5756&file=15&evp=693ee0b20204960edfd909666f809b26

http://dw.com.com/redir?edId=3&siteId=4&oId=3000-8022_4-10804572&ontId=8022_4&spi=b4a0904e0f02b40bf2ae9ce030ef5c99&lop=link&tag=tdw_dltext&ltype=dl_dlnow&pid=11375988&mfgId=6290020&merId=6290020&pguid=XI3P-goPjFwAACI-g4wAAAA4&destUrl=http%3A%2F%2Fdownload.cnet.com%2F3001-8022_4-10804572.html%3Fspi%3Db4a0904e0f02b40bf2ae9ce030ef5c99

http://fileforum.betanews.com/detail/Malwarebytes-AntiMalware/1186760019/1

 

Double-click mbam-setup to install the program.

At the end of the installation, make sure these are ticked:

Update Malwarebytes' Anti-Malware

Launch Malwarebytes' Anti-Malware

Press Finish

If there is an update, it will be downloaded and installed.

When the program starts, select "Perform quick scan" and press Scan.

The scan takes a while.

When it is finished, press OK and then "Show Results".

Tick everything and then press Remove Selected.

When the removal is finished, Notepad opens with a log.

A request to restart the computer (Restart) may come up. If so, do it.

If there is an error message Error loading... after the restart, restart the computer once more.

If the program does not start after the restart, start it yourself.

If the log does not come up by itself in Notepad, you will find the log on the Logs tab in MBAM.

Copy the log and paste it into your reply.


Unfortunately I ran into yet another dead end. When I try to save the RKill file to the desktop, the computer says I don't have permission to do so, contact the administrator (which is of course me; I haven't even set up a guest account). I tried saving the file in the documents folder, but that wasn't allowed either. If I search for the bleepingcomputer website, it is not found. Am I doing something wrong, or is it the virus blocking this too?


Hi,

yes, it is very likely that the virus is blocking websites such as Bleepingcomputer and other well-known antivirus sites.

Also that it refuses to install programs with well-known names.

Do you have access to another computer? If so, save RKill on it, rename it to e.g. explorer or iexplore, and try installing it from a USB stick onto the desktop.

Regards

Mats H


You can also rename the file at the same time as you choose which folder to save it in.


I tried saving it in downloads and renaming the file, but it still doesn't work, because the computer "cannot read the source file".


Restart the computer in safe mode (press F8 repeatedly during startup and select safe mode in the menu) and try the different RKill variants there. Even if none of them works, continue with MBAM in safe mode.


There, back to reality.

I have now downloaded RKill onto a USB stick and run it three times. Next problem: I can't manage the next step, downloading MBAM, because the computer does not allow me to visit the links you provided...


From now on, run RKill a few times as soon as you have restarted the computer.

You can get MBAM at http://www.sendspace.com/file/2ja3zj

Preferably rename the file when you save it on the computer, e.g. to kajjemb; if there are problems running the program, try renaming it to explorer or iexplore. Start the computer in safe mode before you install MBAM. You can begin by scanning the computer while you are still in safe mode, but then start the computer in normal mode before you update MBAM and scan once more. Paste in both logs.


This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Ran as Marcus on 2010-07-04 at 13:50:10.

Processes terminated by Rkill or while it was running:

C:\Program Files\Hard Drive Inspector\HDInspector.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe

Rkill completed on 2010-07-04 at 13:50:20.


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databasversion: 4052

Windows 6.0.6000 (Safe Mode)
Internet Explorer 7.0.6000.16982

2010-07-04 13:42:21
mbam-log-2010-07-04 (13-42-21).txt

Skanningstyp: Fullständig skanning (C:\|E:\|)
Antal skannade objekt: 260145
Förfluten tid: 1 timme(ar), 18 minut(er), 0 sekund(er)

Infekterade minnesprocesser: 0
Infekterade minnesmoduler: 0
Infekterade registernycklar: 35
Infekterade registervärden: 9
Infekterade registerdataposter: 0
Infekterade mappar: 38
Infekterade filer: 157


You need to let MBAM fix what it finds. Right now it says "No action taken" everywhere in the log.

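One way to check a pasted MBAM log for the situation pointed out in the reply above, where every entry still reads "No action taken" (an added example, not part of the original thread and not Malwarebytes' own tooling). The entry format is taken from the log posted in the thread; the function names, the autostart marker list and the final "Quarantined" sample line are assumptions made for this illustration.

```python
import re
from collections import Counter

# Sample input: entries copied from the log posted in the thread, plus one
# constructed last line showing what a remediated entry looks like.
SAMPLE_LOG = r"""
Infekterade registernycklar:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\captcha (Worm.KoobFace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

Infekterade registervärden:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mscj.exe (Backdoor.Bot) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysfbtray (Worm.KoobFace) -> No action taken.

Infekterade filer:
C:\Users\Marcus\Downloads\packupdate_build106_231(4).exe (Trojan.Downloader) -> No action taken.
C:\Windows\System32\captcha.dll (Worm.KoobFace) -> No action taken.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.
C:\Program Files\Advantage\TR.dll (Adware.Advantage) -> Quarantined and deleted successfully.
"""

# "<object> (<Detection.Name>) -> <action>." as seen in the posted log.
ENTRY_RE = re.compile(r"^(?P<obj>.+) \((?P<name>[^()]+)\) -> (?P<action>.+?)\.?$")
# A section heading is a bare title ending in a colon ("Infekterade filer:").
SECTION_RE = re.compile(r"^(?P<title>[^\\:]+):$")

# Assumption for this example: locations that start code at boot or logon,
# so an unremediated hit there means the malware returns after a restart.
AUTOSTART_MARKERS = (
    "\\currentversion\\run\\",
    "\\currentcontrolset\\services\\",
    "\\currentversion\\svchost\\",
    "\\windows\\tasks\\",
)


def parse_mbam_log(text):
    """Return one dict per detection line, tagged with its log section."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()  # also drops non-breaking spaces left by the forum
        if not line:
            continue
        heading = SECTION_RE.match(line)
        if heading:
            section = heading.group("title")
            continue
        m = ENTRY_RE.match(line)
        if not m:
            continue  # header lines, counts, "(Inga illasinnade poster hittades)"
        obj = m.group("obj")
        entries.append({
            "section": section,
            "object": obj,
            "detection": m.group("name"),
            "action": m.group("action"),
            "autostart": any(k in obj.lower() for k in AUTOSTART_MARKERS),
        })
    return entries


def triage(entries):
    """Summarise what was found and what is still sitting on the machine."""
    pending = [e for e in entries if e["action"].lower() == "no action taken"]
    return {
        "total": len(entries),
        "unremediated": len(pending),
        # The log mixes "KoobFace" and "Koobface", so group case-insensitively.
        "by_detection": Counter(e["detection"].lower() for e in entries),
        "live_autostarts": [e["object"] for e in pending if e["autostart"]],
    }


if __name__ == "__main__":
    report = triage(parse_mbam_log(SAMPLE_LOG))
    print(f"{report['unremediated']} of {report['total']} detections not removed")
    for name, count in report["by_detection"].most_common():
        print(f"  {count:3d}  {name}")
    print("Autostart entries still in place:")
    for obj in report["live_autostarts"]:
        print("  " + obj)
```

A non-zero "unremediated" count after a scan means the removal step was never run; the autostart list shows which of those leftovers will relaunch at the next boot or logon.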

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databasversion: 4052

Windows 6.0.6000
Internet Explorer 7.0.6000.16982

2010-07-04 14:15:56
mbam-log-2010-07-04 (14-15-56).txt

Skanningstyp: Snabbskanning
Antal skannade objekt: 126561
Förfluten tid: 22 minut(er), 54 sekund(er)

Infekterade minnesprocesser: 1
Infekterade minnesmoduler: 3
Infekterade registernycklar: 35
Infekterade registervärden: 9
Infekterade registerdataposter: 0
Infekterade mappar: 38
Infekterade filer: 138


C:\Program Files\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020 (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome\locale (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome\locale\en-US (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\components (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\searchplugins (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins (Adware.DoubleD) -> No action taken.

C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.

C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690 (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\Data (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\chrome (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\chrome\content (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\components (Adware.DoubleD) -> No action taken.

C:\Program Files\Media Access Startup (Adware.DoubleD) -> No action taken.

C:\Program Files\Media Access Startup\2.0.0.1050 (Adware.DoubleD) -> No action taken.

C:\Program Files\Media Access Startup\2.0.0.1050\Data (Adware.DoubleD) -> No action taken.

C:\Program Files\Media Access Startup\2.0.0.1050\FF (Adware.DoubleD) -> No action taken.

C:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome (Adware.DoubleD) -> No action taken.

C:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome\content (Adware.DoubleD) -> No action taken.

C:\Program Files\Media Access Startup\2.0.0.1050\FF\components (Adware.DoubleD) -> No action taken.

C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.

C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> No action taken.

C:\Program Files\System Search Dispatcher\1.4.3.1040 (Adware.DoubleD) -> No action taken.

C:\Program Files\System Search Dispatcher\1.4.3.1040\Data (Adware.DoubleD) -> No action taken.

 

Infekterade filer:

c:\Windows\System32\captcha.dll (Worm.KoobFace) -> No action taken.

c:\Windows\System32\erokosvc.dll (Worm.KoobFace) -> No action taken.

C:\Windows\bill103.exe (Worm.KoobFace) -> No action taken.

C:\Users\Marcus\AppData\Roaming\MSA\mscj.exe (Backdoor.Bot) -> No action taken.

C:\Windows\System32\drivers\imapioko.sys (Worm.KoobFace) -> No action taken.

C:\Users\Marcus\downloads\IWONGlobalSetup2.3.67.1.SA.HP.ZVfox000.exe (Adware.MyWebSearch) -> No action taken.

C:\Users\Marcus\downloads\packupdate_build106_231(5).exe (Trojan.Downloader) -> No action taken.

C:\Users\Marcus\downloads\packupdate_build106_231.exe (Trojan.Downloader) -> No action taken.

C:\Users\Marcus\downloads\packupdate_build106_231(4).exe (Trojan.Downloader) -> No action taken.

C:\Program Files\Advantage\AdVantage.db (Adware.Advantage) -> No action taken.

C:\Program Files\Advantage\AdVantage.htm (Adware.Advantage) -> No action taken.

C:\Program Files\Advantage\AdVUninst.exe (Adware.Advantage) -> No action taken.

C:\Program Files\Advantage\ffext.mod (Adware.Advantage) -> No action taken.

C:\Program Files\Advantage\TR.dll (Adware.Advantage) -> No action taken.

C:\Program Files\Advantage\user.db (Adware.Advantage) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\248d6576afce4ee94af42d7350131106.gif (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\24a70fb875fab686b6b3c217612bc07c.gif (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\default1.dat (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\loading.dat (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\loading.gif (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Cursor.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_DailyVideo.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Game.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Glitter.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Logo.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Option.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Recipe.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Ringtone.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Screensaver.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Search.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Smiley.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Wallpaper.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Web.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\pixel.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\ProductInfo.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\profile.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\SearchEngineList.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\tbcore.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\ToolbarLayout.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\UpdateCentre.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\UpdateCentreBk.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\URLDynamic.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\URLStatic.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\install.rdf (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome\GamingHarborToolbar.jar (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome\locale\en-US\global.dtd (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\components\ISmileyCore.xpt (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\components\TBFFHelper.xpt (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\searchplugins\gamingharborsearchplugins.xml (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\About.mg (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Component_ComboBox.mg (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Cursor.mg (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Cursor.png (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Game.mg (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Glitter.mg (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Glitter.png (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Logo.mg (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Option.mg (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Recipe.mg (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Ringtone.mg (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Screensaver.mg (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Search.mg (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Smiley.mg (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Smiley.png (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Web.mg (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnDefault.png (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnDisplay.png (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnGlitters.png (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnOption.png (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnSmiley.png (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnTellFd.png (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnWink.bmp (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnWink.png (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\myskin1.skf (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\myskin2.skf (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\myskin3.skf (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\myskin4.skf (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\TellafriendSkin.skf (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> No action taken.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\ToastSkin.skf (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\unins000.dat (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\Data\config.md (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\install.rdf (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> No action taken.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> No action taken.

C:\Program Files\Media Access Startup\2.0.0.1050\unins000.dat (Adware.DoubleD) -> No action taken.

C:\Program Files\Media Access Startup\2.0.0.1050\Data\config.md (Adware.DoubleD) -> No action taken.

C:\Program Files\Media Access Startup\2.0.0.1050\FF\install.rdf (Adware.DoubleD) -> No action taken.

C:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> No action taken.

C:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> No action taken.

C:\Program Files\Media Access Startup\2.0.0.1050\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> No action taken.

C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.

C:\Program Files\System Search Dispatcher\1.4.3.1040\unins000.dat (Adware.DoubleD) -> No action taken.

C:\Program Files\System Search Dispatcher\1.4.3.1040\Data\eacore.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\System Search Dispatcher\1.4.3.1040\Data\URLDynamic.mx (Adware.DoubleD) -> No action taken.

C:\Program Files\System Search Dispatcher\1.4.3.1040\Data\URLStatic.mx (Adware.DoubleD) -> No action taken.

C:\Windows\ligh (Koobface.Trace) -> No action taken.

C:\Users\Marcus\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> No action taken.

C:\Windows\bk23567.dat (KoobFace.Trace) -> No action taken.

C:\Windows\fdgg34353edfgdfdf (KoobFace.Trace) -> No action taken.

C:\Users\Marcus\AppData\Roaming\msacm32S.dll (Trojan.Agent) -> No action taken.

C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.

C:\Users\Marcus\AppData\Roaming\MSA\w2_0.exe (Rogue.MSAntiVirus) -> No action taken.

C:\Users\Marcus\AppData\Local\avinvwrmulti\avinvwrmulti.dll (Adware.Agent.N) -> No action taken.

C:\Users\Marcus\Local Settings\Application Data\010112010146111103.xxe (Worm.KoobFace) -> No action taken.

C:\Users\Marcus\Local Settings\Application Data\010112010146114101.xxe (Worm.KoobFace) -> No action taken.

C:\Users\Marcus\Local Settings\Application Data\01011201014650115.xxe (Worm.KoobFace) -> No action taken.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269090991.exe (Worm.KoobFace) -> No action taken.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269140328.exe (Worm.KoobFace) -> No action taken.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269140668.exe (Worm.KoobFace) -> No action taken.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269162922.exe (Worm.KoobFace) -> No action taken.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269163249.exe (Worm.KoobFace) -> No action taken.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269251752.exe (Worm.KoobFace) -> No action taken.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269252085.exe (Worm.KoobFace) -> No action taken.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269283641.exe (Worm.KoobFace) -> No action taken.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269283997.exe (Worm.KoobFace) -> No action taken.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269430406.exe (Worm.KoobFace) -> No action taken.


Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Databasversion: 4052

 

Windows 6.0.6000

Internet Explorer 7.0.6000.16982

 

2010-07-04 14:18:07

mbam-log-2010-07-04 (14-18-07).txt

 

Skanningstyp: Snabbskanning

Antal skannade objekt: 126561

Förfluten tid: 22 minut(er), 54 sekund(er)

 

Infekterade minnesprocesser: 1

Infekterade minnesmoduler: 3

Infekterade registernycklar: 35

Infekterade registervärden: 9

Infekterade registerdataposter: 0

Infekterade mappar: 38

Infekterade filer: 138

 

Infekterade minnesprocesser:

C:\Windows\bill103.exe (Worm.KoobFace) -> Unloaded process successfully.

 

Infekterade minnesmoduler:

c:\Windows\System32\captcha.dll (Worm.KoobFace) -> Delete on reboot.

c:\Windows\System32\erokosvc.dll (Worm.KoobFace) -> Delete on reboot.

C:\Users\Marcus\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.

 

Infekterade registernycklar:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\captcha (Worm.KoobFace) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cpqoko6 (Worm.KoobFace) -> Delete on reboot.

HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{dabf362d-d442-4402-9208-ca9ed70dd01e} (Adware.Advantage) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{5ac3a9ef-c0f8-41d4-b4e2-b7cebb794151} (Adware.Advantage) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{862def42-89aa-49fa-ae1f-8a84b1b08a17} (Adware.Advantage) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{f6e4845d-1d13-4bc0-942d-b9191524cc48} (Adware.Advantage) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{602d9049-b4ac-4a25-bf75-a9b54d747cba} (Adware.Advantage) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\advantage (Adware.Vomba) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\apto6ko (Worm.KoobFace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully.

 

Infekterade registervärden:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysfbtray (Worm.KoobFace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mscj.exe (Backdoor.Bot) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mscj (Backdoor.Bot) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\tapisrvs (Worm.KoobFace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mscjm.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\halo2 (Trojan.Downloader) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\azjaq (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\avinvwrmulti (Adware.Agent.N) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\captcha (Worm.KoobFace) -> Quarantined and deleted successfully.

 

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

 

Infekterade mappar:

C:\Program Files\Advantage (Adware.Advantage) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020 (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome\locale (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome\locale\en-US (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\components (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\searchplugins (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690 (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\Data (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Media Access Startup\2.0.0.1050 (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Media Access Startup\2.0.0.1050\Data (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Media Access Startup\2.0.0.1050\FF (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Media Access Startup\2.0.0.1050\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\System Search Dispatcher\1.4.3.1040 (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\System Search Dispatcher\1.4.3.1040\Data (Adware.DoubleD) -> Quarantined and deleted successfully.

 

Infekterade filer:

c:\Windows\System32\captcha.dll (Worm.KoobFace) -> Delete on reboot.

c:\Windows\System32\erokosvc.dll (Worm.KoobFace) -> Delete on reboot.

C:\Windows\bill103.exe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Users\Marcus\AppData\Roaming\MSA\mscj.exe (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\Windows\System32\drivers\imapioko.sys (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Users\Marcus\downloads\IWONGlobalSetup2.3.67.1.SA.HP.ZVfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\Marcus\downloads\packupdate_build106_231(5).exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Users\Marcus\downloads\packupdate_build106_231.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Users\Marcus\downloads\packupdate_build106_231(4).exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Program Files\Advantage\AdVantage.db (Adware.Advantage) -> Quarantined and deleted successfully.

C:\Program Files\Advantage\AdVantage.htm (Adware.Advantage) -> Quarantined and deleted successfully.

C:\Program Files\Advantage\AdVUninst.exe (Adware.Advantage) -> Quarantined and deleted successfully.

C:\Program Files\Advantage\ffext.mod (Adware.Advantage) -> Quarantined and deleted successfully.

C:\Program Files\Advantage\TR.dll (Adware.Advantage) -> Quarantined and deleted successfully.

C:\Program Files\Advantage\user.db (Adware.Advantage) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\248d6576afce4ee94af42d7350131106.gif (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\24a70fb875fab686b6b3c217612bc07c.gif (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\default1.dat (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\loading.dat (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Cache\loading.gif (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Cursor.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_DailyVideo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Game.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Glitter.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Recipe.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Ringtone.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Screensaver.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Smiley.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Wallpaper.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\Module_Web.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome\GamingHarborToolbar.jar (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\chrome\locale\en-US\global.dtd (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\components\ISmileyCore.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\components\TBFFHelper.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\FFToolbar\searchplugins\gamingharborsearchplugins.xml (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Cursor.mg (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Cursor.png (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Game.mg (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Glitter.mg (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Glitter.png (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Recipe.mg (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Ringtone.mg (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Screensaver.mg (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Smiley.mg (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Smiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\Module_Web.mg (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnDefault.png (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnDisplay.png (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnGlitters.png (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnOption.png (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnSmiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnTellFd.png (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnWink.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnWink.png (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\TellafriendSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.5.24020\Skins\ToastSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Media Access Startup\2.0.0.1050\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Media Access Startup\2.0.0.1050\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Media Access Startup\2.0.0.1050\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Media Access Startup\2.0.0.1050\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\System Search Dispatcher\1.4.3.1040\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\System Search Dispatcher\1.4.3.1040\Data\eacore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\System Search Dispatcher\1.4.3.1040\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\System Search Dispatcher\1.4.3.1040\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Windows\ligh (Koobface.Trace) -> Quarantined and deleted successfully.

C:\Users\Marcus\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.

C:\Windows\bk23567.dat (KoobFace.Trace) -> Quarantined and deleted successfully.

C:\Windows\fdgg34353edfgdfdf (KoobFace.Trace) -> Quarantined and deleted successfully.

C:\Users\Marcus\AppData\Roaming\msacm32S.dll (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Users\Marcus\AppData\Roaming\MSA\w2_0.exe (Rogue.MSAntiVirus) -> Quarantined and deleted successfully.

C:\Users\Marcus\AppData\Local\avinvwrmulti\avinvwrmulti.dll (Adware.Agent.N) -> Delete on reboot.

C:\Users\Marcus\Local Settings\Application Data\010112010146111103.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Users\Marcus\Local Settings\Application Data\010112010146114101.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Users\Marcus\Local Settings\Application Data\01011201014650115.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269090991.exe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269140328.exe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269140668.exe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269162922.exe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269163249.exe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269251752.exe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269252085.exe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269283641.exe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269283997.exe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Users\Marcus\Local Settings\Application Data\rdr_1269430406.exe (Worm.KoobFace) -> Quarantined and deleted successfully.


Archived

This topic is now archived and is closed to further replies.


