Så ku den være der...
Hijackthis siger nu:
_____________________________
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:41:35, on 14-09-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\ATKKBService.exe
C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
C:\Programmer\Cisco Systems\VPN Client\cvpnd.exe
C:\Programmer\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Programmer\Fælles filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Programmer\MagicTune Premium\MagicTuneEngine.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\Programmer\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Programmer\Analog Devices\Core\smax4pnp.exe
C:\Programmer\Analog Devices\SoundMAX\Smax4.exe
C:\Programmer\ASUS\AASP\1.00.05\aaCenter.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\Programmer\ScanSoft\PaperPort\pptd40nt.exe
C:\Programmer\Norton AntiVirus\IWP\NPFMntor.exe
C:\Programmer\Brother\Brmfl05a\BrStDvPt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmer\Java\jre1.6.0_07\bin\jusched.exe
C:\Programmer\Razer\Habu\razerhid.exe
C:\Programmer\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
C:\Programmer\D-Tools\daemon.exe
C:\Programmer\Microsoft IntelliType Pro\itype.exe
C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
C:\Programmer\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Programmer\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Programmer\Mindjet\MindManager 7\MMReminderService.exe
C:\Programmer\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Razer\Habu\razertra.exe
C:\Programmer\Razer\Habu\razerofa.exe
C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\Programmer\SlySoft\AnyDVD\AnyDVD.exe
C:\Programmer\Mindjet\MindManager 7\PDF-XChange\pdfSaver\pdfSaver3.exe
C:\Programmer\Brother\Brmfcmon\BrMfcWnd.exe
C:\Programmer\Brother\Brmfcmon\BrMfcmon.exe
C:\Programmer\MagicTune Premium\MagicTune.exe
C:\Programmer\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBRR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://newz.dk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBRR1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://windowsupdate.microsoft.com/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat
6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft
Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmer\Adobe\Acrobat
6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: {38330397-f445-4779-d584-faab7547f0ed} - {de0f7457-baaf-485d-9774-544f79303383} - C:\WINDOWS\system32\dhcudb.dll
(file missing)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Programmer\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmer\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programmer\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [AsusServiceProvider] C:\Programmer\ASUS\AASP\1.00.05\aaCenter.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programmer\Fælles filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programmer\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Programmer\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Programmer\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Habu] C:\Programmer\Razer\Habu\razerhid.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmer\D-Tools\daemon.exe" -lang 1033 -lock
O4 - HKLM\..\Run: [itype] "C:\Programmer\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [Sunkist2k] C:\Programmer\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [MMReminderService] C:\Programmer\Mindjet\MindManager 7\MMReminderService.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Programmer\Fælles filer\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programmer\Fælles filer\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [BMb7b26ab9] Rundll32.exe "C:\WINDOWS\system32\oqxauxtu.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AnyDVD] C:\Programmer\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [pdfSaver3] "C:\Programmer\Mindjet\MindManager 7\PDF-XChange\pdfSaver\pdfSaver3.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Statusmonitor.lnk = C:\Programmer\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send to Mindjet MindManager - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://s3.travian.dkO16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cabO16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) -
http://upload.facebook.com/controls/FacebookPhotoUploader5.cabO16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) -
http://support.asus.com/common/asusTek_sys_ctrl.cabO16 - DPF: {11818680-FCF6-11D0-9808-0800092A4865} (Adobe Form Control) -
http://www.kps.dk/Codebase/FormCtl.cabO16 - DPF: {1469FF24-47F6-11D2-8805-006008C537E3} (Adobe Mail Control) -
http://www.kps.dk/codebase/ffmail.cabO16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) -
http://www.linkedin.com/cab/LinkedInContactFinderControl.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1172153690421O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) -
http://www.systemrequirementslab.com/sysreqlab2.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1172167856718O16 - DPF: {92EB6641-286A-11D2-A68E-00A0C996A6DD} (Adobe Signature Object) -
http://www.kps.dk/codebase/jfsignature.cabO16 - DPF: {AD90E8D1-3B47-11D2-A696-00A0C996A6DD} (jfCryptoSignature Class) -
http://www.kps.dk/codebase/jfcrypto.cabO16 - DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} (Adobe Script Object) -
http://www.kps.dk/codebase/scriptobject.cabO16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) -
https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exeO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) -
http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocxO16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) -
http://asp04.photoprintit.de/microsite/10023/defaults/activex/IPSUploader.cabO16 - DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} (Adobe Soft Font Installer) -
http://www.kps.dk/codebase/fontinstaller.cabO16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager-kontrol) -
http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.2.1.cabO20 - AppInit_DLLs: dhcudb.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec
Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec
Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programmer\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programmer\Intel\Intel Matrix Storage
Manager\Iaantmon.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programmer\Fælles filer\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Programmer\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Programmer\Norton
AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programmer\Norton
AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec
Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Programmer\Electronic Arts\Medal of Honor
Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programmer\Norton AntiVirus\SAVScan.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\GITTE&~1\LOKALE~1\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec
Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Programmer\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
--
End of file - 13746 bytes
______________________________
Anti-Malware:
______________________________
Malwarebytes' Anti-Malware 1.28
Database version: 1151
Windows 5.1.2600 Service Pack 3
14-09-2008 22:38:31
mbam-log-2008-09-14 (22-38-31).txt
Skan type: Fuldstændig skanning (C:\|K:\|M:\|V:\|)
Objekter skannet: 288212
Tid tilbagelagt: 55 minute(s), 11 second(s)
Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 4
Inficerede Registeringsdatabase Nøgler: 7
Inficerede Registeringsdatabase Værdier: 2
Inficerede Registeringsdatabase Filer: 2
Inficerede Mapper: 0
Inficerede Filer: 15
Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)
Inficerede Hukommelses Moduler:
C:\WINDOWS\system32\mlJYrpQG.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\yshocjcq.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\khffCTnO.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\nxurip.dll (Trojan.Vundo) -> Delete on reboot.
Inficerede Registeringsdatabase Nøgler:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47836122-9d2e-476c-9763-b1d366f704e1} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\khffctno (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{47836122-9d2e-476c-9763-b1d366f704e1} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{60eb71a6-d78a-4cca-be36-baeeb6543788} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{60eb71a6-d78a-4cca-be36-baeeb6543788} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a7861b7d-d138-4455-8ad8-a6e936ae97ff} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7861b7d-d138-4455-8ad8-a6e936ae97ff} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
Inficerede Registeringsdatabase Værdier:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\b4815925 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{47836122-9d2e-476c-9763-b1d366f704e1} (Trojan.Vundo) -> Delete on reboot.
Inficerede Registeringsdatabase Filer:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Security Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\mljyrpqg -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\mljyrpqg -> Quarantined and deleted successfully.
Inficerede Mapper:
(Ingen mistænkelige filer fundet)
Inficerede Filer:
C:\WINDOWS\system32\khffCTnO.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\mlJYrpQG.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\GQprYJlm.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GQprYJlm.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nxurip.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\yshocjcq.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\qcjcohsy.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{33AE254A-91D2-4317-8EE3-EF6FE7BFE316}\RP581\A0091036.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{33AE254A-91D2-4317-8EE3-EF6FE7BFE316}\RP581\A0091037.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{33AE254A-91D2-4317-8EE3-EF6FE7BFE316}\RP581\A0091038.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oytaiwjk.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\upskjrbb.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\nnnmjGyw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dhcudb.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\vqssrsde.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
__________________________________________
Jer er sikker på at det er den Vundo der har givet mig alt det bøvl...
Med mindre du kan se andet meget iøjnefaldende vil jeg mene du har løst mit problem, jeg bukker og takker :-)
Smid et svar, og su skal blive belønnet som lovet.
/Jonas
