HJT help

By Ultra user DaDuck | 12-09-2007 01:14 | 1869 views | 8 replies
A lot of crap, and pop-up windows all the time.... help... THANKS

Logfile of HijackThis v1.99.1
Scan saved at 01:09:42, on 12-09-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
--
There are 10 types of people in the world; Those who understand binary and those who don't. http://my.qxl.dk[...]
#1
Daduck
Guest
12-09-2007 13:58

Can nobody help? THANKS
#2
Arlet
Maxi user
13-09-2007 13:06

Run steps 1 and 2 here: http://www.malwarecheck.dk[...]
We need to see the logs from SAS and AVG/EWIDO.
Reboot.
Then download the newest version of HijackThis by following this guide: http://www.malwarecheck.dk[...]
--
Kind regards, Arlet www.arlet.dk[...] www.malwarecheck.dk[...]
#3
Daduck
Guest
13-09-2007 18:22

SUPERAntiSpyware Scan Log
http://www.superantispyware.com[...]
Generated 09/13/2007 at 04:56 PM
Application Version : 3.9.1008
Core Rules Database Version : 3305
Trace Rules Database Version: 1311
Scan type : Complete Scan
Total Scan Time : 00:50:58
Memory items scanned : 675
Memory threats detected : 1
Registry items scanned : 6280
Registry threats detected : 227
File items scanned : 47870
File threats detected : 23
#4
DaDuck
Guest
13-09-2007 18:24

But so far it hasn't helped... I still get a billion pop-up windows when I try to go online... :-( HJT log coming in a moment
#5
DaDuck
Guest
13-09-2007 18:26

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:23:12, on 13-09-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com[...] O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com[...] 
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\__c001864A.dat O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- End of file - 10952 bytes
#6
Arlet
Maxi user
13-09-2007 19:22

Since there is still junk left..

Download http://siri.urz.free.fr[...] (by S!Ri)
Or here: http://72.232.135.12[...]
to the root of the C: drive.

Restart in safe mode; if you don't know how, look here: http://www.ctrlaltdel.dk[...]

Double-click C:\Smitfraud exe. Choose option #2 - Clean. It will also check whether the system file wininet.dll is infected. If it is, you will be asked for permission to replace it with another one. Here you should choose "Yes" by typing "y". The program may need to restart along the way. Afterwards a list with the results of the cleaning will appear; it can be found here - C:\rapport.txt. Copy this list into the thread.

Then: Download Combofix and save it to your desktop: http://download.bleepingcomputer.com[...]

Then run combofix.exe and follow the instructions in the window. You should not click on the window while the tool is running, as that can cause your computer to freeze. When combofix is finished, and after it has restarted, a log file should open: combofix.txt, which can be found here - C:\combofix.txt

Copy this log in here as well, together with a new hijackthis log.
--
Best regards, Arlet www.arlet.dk[...] www.malwarecheck.dk[...]
#7
DaDuck
Guest
14-09-2007 17:21

ComboFix 07-09-14.2 - "Maria Lund" 2007-09-14 17:04:45.1 - [color=red][b]FAT32[/b][/color]x86 Microsoft Windows XP Professional 5.1.2600.2.1252.45.1033.18.408 [GMT 2:00] * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\DOCUME~1\ALLUSE~1\APPLIC~1\SeekmoSA C:\DOCUME~1\ALLUSE~1\APPLIC~1\SeekmoSA\SeekmoSA.dat C:\DOCUME~1\ALLUSE~1\APPLIC~1\SeekmoSA\SeekmoSAEULA.mht C:\DOCUME~1\ALLUSE~1\APPLIC~1\SeekmoSA\SeekmoSAAbout.mht C:\WINDOWS\system32\__c001864A.dat C:\WINDOWS\system32\_000004_.tmp.dll C:\WINDOWS\system32\_000005_.tmp.dll C:\WINDOWS\system32\_000006_.tmp.dll C:\WINDOWS\system32\_000007_.tmp.dll C:\WINDOWS\system32\_000008_.tmp.dll C:\WINDOWS\system32\_000017_.tmp.dll . ((((((((((((((((((((((((( Files Created from 2007-08-14 to 2007-09-14 ))))))))))))))))))))))))))))))) . 2007-09-14 17:03 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-14 16:58 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-09-14 16:58 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-09-14 16:58 4,930 --a------ C:\WINDOWS\system32\tmp.reg 2007-09-14 16:58 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-09-14 16:58 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-09-14 16:57 d-------- C:\SmitfraudFix 2007-09-14 16:49 1,004,608 --a------ C:\SmitfraudFix.exe 2007-09-13 18:17 401,720 --a------ C:\Program Files\HJTrenamed.exe 2007-09-13 16:03 d-------- C:\Program Files\SUPERAntiSpyware 2007-09-13 16:03 d-------- C:\DOCUME~1\MARIAL~1\APPLIC~1\SUPERAntiSpyware.com 2007-09-13 16:03 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com 2007-09-12 01:03 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion 2007-09-12 00:59 d-------- C:\Program Files\Yahoo! 
2007-09-12 00:58 d-------- C:\Program Files\CCleaner 2007-09-11 23:38 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll 2007-09-11 23:37 d-------- C:\Program Files\TuneUp Utilities 2007 2007-09-11 23:36 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-09-11 23:18 d--hs---- C:\FOUND.006 2007-09-11 21:02 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-09-09 18:42 d--hs---- C:\FOUND.005 2007-09-08 14:03 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative 2007-09-03 18:13 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP 2007-09-02 20:47 d--hs---- C:\FOUND.004 2007-08-31 21:52 d--hs---- C:\FOUND.003 2007-08-28 20:44 d--hs---- C:\FOUND.002 2007-08-26 20:28 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll 2007-08-26 20:28 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll 2007-08-26 20:28 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys 2007-08-26 20:28 15,104 --a------ C:\WINDOWS\system32\dllcache\usbscan.sys 2007-08-16 14:46 d-------- C:\Program Files\MSXML 6.0 2007-08-15 09:58 d-------- C:\Program Files\Common Files\Skype 2007-08-14 15:32 d-------- C:\DOCUME~1\MARIAL~1\APPLIC~1\Sony Corporation . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 
2007-09-14 17:09 37664 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2007-09-14 17:09 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx 2007-09-14 17:09 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat 2007-09-14 17:09 1580 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx 2007-09-13 18:23 10954 --a------ C:\Program Files\hijackthis.log 2007-09-04 21:48 82061 --a------ C:\WINDOWS\system32\drivers\klick.dat 2007-09-04 21:48 81549 --a------ C:\WINDOWS\system32\drivers\klin.dat 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll 2007-07-30 19:19 271224 --a------ C:\WINDOWS\system32\mucltui.dll 2007-07-30 19:19 207736 --a------ C:\WINDOWS\system32\muweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll 2007-07-26 15:29 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZangoSA 2007-07-26 15:29 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 2007-07-19 09:00 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll 2007-07-13 01:31 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll 2007-06-27 16:35 823808 
--a------ C:\WINDOWS\system32\dllcache\wininet.dll 2007-06-27 16:35 232960 --a------ C:\WINDOWS\system32\dllcache\webcheck.dll 2007-06-27 16:34 671232 --a------ C:\WINDOWS\system32\dllcache\mstime.dll 2007-06-27 16:34 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll 2007-06-27 16:34 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2007-06-27 16:34 477696 --a------ C:\WINDOWS\system32\dllcache\mshtmled.dll 2007-06-27 16:34 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll 2007-06-27 16:34 44544 --a------ C:\WINDOWS\system32\dllcache\iernonce.dll 2007-06-27 16:34 384512 --a------ C:\WINDOWS\system32\dllcache\iedkcs32.dll 2007-06-27 16:34 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2007-06-27 16:34 27648 --a------ C:\WINDOWS\system32\dllcache\jsproxy.dll 2007-06-27 16:34 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll 2007-06-27 16:34 230400 --a------ C:\WINDOWS\system32\dllcache\ieaksie.dll 2007-06-27 16:34 193024 --a------ C:\WINDOWS\system32\dllcache\msrating.dll 2007-06-27 16:34 153088 --a------ C:\WINDOWS\system32\dllcache\ieakeng.dll 2007-06-27 16:34 132608 --a------ C:\WINDOWS\system32\dllcache\extmgr.dll 2007-06-27 16:34 124928 --a------ C:\WINDOWS\system32\dllcache\advpack.dll 2007-06-27 16:34 1152000 --a------ C:\WINDOWS\system32\dllcache\urlmon.dll 2007-06-27 16:34 105984 --a------ C:\WINDOWS\system32\dllcache\url.dll 2007-06-27 16:34 102400 --a------ C:\WINDOWS\system32\dllcache\occache.dll 2007-06-27 10:27 63488 --a------ C:\WINDOWS\system32\dllcache\ie4uinit.exe 2007-06-27 10:27 625152 --a------ C:\WINDOWS\system32\dllcache\iexplore.exe 2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe 2007-06-27 09:00 161792 --a------ C:\WINDOWS\system32\dllcache\ieakui.dll 2007-06-26 22:10 317440 --a------ C:\WINDOWS\system32\dllcache\unregmp2.exe 2007-06-26 08:08 1104896 --a------ C:\WINDOWS\system32\msxml3.dll 2007-06-26 08:08 1104896 --a------ C:\WINDOWS\system32\dllcache\msxml3.dll 
2007-06-19 15:31 282112 --a------ C:\WINDOWS\system32\gdi32.dll 2007-06-19 15:31 282112 --a------ C:\WINDOWS\system32\dllcache\gdi32.dll 2007-06-15 10:12 474112 --a------ C:\WINDOWS\system32\dllcache\shlwapi.dll 2007-06-15 10:12 151040 --a------ C:\WINDOWS\system32\dllcache\cdfview.dll 2007-06-15 10:12 1498112 --a------ C:\WINDOWS\system32\dllcache\shdocvw.dll 2007-06-15 10:12 1054208 --a------ C:\WINDOWS\system32\dllcache\danim.dll 2007-06-15 10:12 1022976 --a------ C:\WINDOWS\system32\dllcache\browseui.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 13:56] "preload"="C:\Windows\RUNXMLPL.exe" [2005-05-19 17:09] "LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe" [2005-07-25 13:36] "PowerKey"="C:\Program Files\Launch Manager\PowerKey.exe" [2002-08-30 15:02] "LManager"="C:\Program Files\Launch Manager\HotkeyApp.exe" [2005-11-08 10:45] "CtrlVol"="C:\Program Files\Launch Manager\CtrlVol.exe" [2003-09-16 14:28] "LMgrOSD"="C:\Program Files\Launch Manager\OSDCtrl.exe" [2005-07-25 10:45] "Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" [2005-11-08 10:19] "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-05 16:25] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-05 16:24] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 04:00] "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 04:00] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 04:00] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 04:00] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-10 04:00 C:\WINDOWS\system32\bthprops.cpl] 
"ADMTray.exe"="C:\Acer\Empowering Technology\admtray.exe" [2005-10-24 16:45] "eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 18:00] "RTHDCPL"="RTHDCPL.EXE" [2007-03-21 14:49 C:\WINDOWS\RTHDCPL.exe] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 19:05] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "AVFX Engine"="C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-12-18 10:11] "C0100Mon.exe"="C:\WINDOWS\C0100Mon.exe" [2006-10-02 19:00] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2007-01-29 23:02] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-08-06 12:43] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-27 18:13] "PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [2005-09-18 18:40] "Creative Live! Cam Manager"="C:\Program Files\Creative\Creative Live! Cam\Live! 
Cam Manager\CTLCMgr.exe" [2006-12-22 10:14] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 04:00] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06] [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "IETI"=C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup\ BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-12-02 14:30:42] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04] Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=C:\WINDOWS\system32\__c001864A.dat [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime R0 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys R0 viaagp;VIA AGP Bus Filter;C:\WINDOWS\system32\DRIVERS\viaagp.sys R1 Hotkey;Hotkey;C:\WINDOWS\system32\drivers\Hotkey.sys R1 OsaFsLoc;OsaFsLoc;\??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys R2 int15.sys;int15.sys;\??\C:\Acer\Empowering Technology\eRecovery\int15.sys R2 osaio;osaio;\??\C:\WINDOWS\system32\drivers\osaio.sys R2 
osanbm;osanbm;\??\C:\WINDOWS\system32\drivers\osanbm.sys R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe -k netsvcs R3 NdisFilt;OSA NdisFilter Protocol;C:\WINDOWS\system32\Drivers\NdisFilt.sys R3 pgfilter;pgfilter;\??\C:\Program Files\PeerGuardian2\pgfilter.sys R3 POWERKEY;POWERKEY;\??\C:\Program Files\Launch Manager\POWERKEY.sys S1 Wbutton;Wbutton;C:\WINDOWS\system32\drivers\Wbutton.sys S3 C0100Afx;Provides a software interface to control audio effects of VC0100 camera.;\??\C:\WINDOWS\system32\Drivers\C0100Afx.sys S3 C0100Aud;Provides a software interface to control noise cancellation of VC0100 camera.;\??\C:\WINDOWS\system32\Drivers\C0100Aud.sys S3 C0100Dev;Creative Camera VC0100 Driver;C:\WINDOWS\system32\DRIVERS\C0100Dev.sys S3 C0100Vfx;Creative Camera VC0100 Video VFX Driver;C:\WINDOWS\system32\DRIVERS\C0100Vfx.sys S3 SI15CI;SI15CI;\??\c:\elements\1stboot\SI15CI.SYS HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e2daf22-e201-11db-a5f4-0016cf9bd0f7}] AutoRun\command- F:\Launch.exe *Newly Created Service* - INT15.SYS . Contents of the 'Scheduled Tasks' folder "2007-08-09 17:39:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" "2007-09-14 15:15:02 C:\WINDOWS\Tasks\1-Click Maintenance.job" - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net[...] Rootkit scan 2007-09-14 17:11:15 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\viaagp] "ImagePath"="system32\DRIVERS\viaagp.sys" . 
Completion time: 2007-09-14 17:16:08 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-09-14 17:16 . --- E O F --- SmitFraudFix v2.223 Scan done at 16:58:20,14, 14-09-2007 Run from C:\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT The filesystem type is FAT32 Fix run in safe mode »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Killing process »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{1EBDDAB3-8EA3-46ED-B431-AA90F27148BA}: DhcpNameServer=212.10.10.5 212.10.10.4 212.10.10.3 HKLM\SYSTEM\CS1\Services\Tcpip\..\{1EBDDAB3-8EA3-46ED-B431-AA90F27148BA}: DhcpNameServer=212.10.10.5 212.10.10.4 212.10.10.3 HKLM\SYSTEM\CS3\Services\Tcpip\..\{1EBDDAB3-8EA3-46ED-B431-AA90F27148BA}: DhcpNameServer=212.10.10.5 212.10.10.4 212.10.10.3 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.10.10.5 212.10.10.4 212.10.10.3 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.10.10.5 212.10.10.4 212.10.10.3 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.10.10.5 212.10.10.4 212.10.10.3 »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, following keys are not inevitably infected!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning Registry Cleaning done. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix !!!Attention, following keys are not inevitably infected!!! 
SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» End Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:18:07, on 14-09-2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Acer\Empowering Technology\admServ.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Launch Manager\PowerKey.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\OSDCtrl.exe C:\Program Files\Launch Manager\Wbutton.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\rundll32.exe C:\Acer\Empowering Technology\admtray.exe C:\Acer\Empowering Technology\eRecovery\Monitor.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Creative\Creative Live! 
Cam\VideoFX\StartFX.exe C:\WINDOWS\C0100Mon.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\PeerGuardian2\pg2.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\WINDOWS\System32\svchost.exe C:\DOCUME~1\MARIAL~1\LOCALS~1\Temp\RtkBtMnt.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\HJTrenamed.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk[...] R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com[...] R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe" O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe" O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe" O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe" O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! 
Cam\VideoFX\StartFX.exe O4 - HKLM\..\Run: [C0100Mon.exe] C:\WINDOWS\C0100Mon.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Send til &Bluetooth-enhed... 
- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com[...] O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com[...] 
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\__c001864A.dat O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- End of file - 10486 bytes
#8
Arlet
Maxi user
14-09-2007 22:00

Are there still popups??
--
Best regards, Arlet www.arlet.dk[...] www.malwarecheck.dk[...]
