Kunne kun finde logfile til 2/3 programmer. Håber det kan fixes anyways.
Logfile fra SAS
SUPERAntiSpyware Scan Log
Generated 05/16/2006 at 06:07 PM
Core Rules Database Version : 2932
Trace Rules Database Version: 1051
Memory threats detected : 0
Registry threats detected : 14
File threats detected : 78
Trojan.Homepage
HKLM\Software\Classes\CLSID\{B0398ECA-0BCD-4645-8261-5E9DC70248D0}
HKCR\CLSID\{B0398ECA-0BCD-4645-8261-5E9DC70248D0}
HKCR\CLSID\{B0398ECA-0BCD-4645-8261-5E9DC70248D0}
HKCR\CLSID\{B0398ECA-0BCD-4645-8261-5E9DC70248D0}\InprocServer32
HKCR\CLSID\{B0398ECA-0BCD-4645-8261-5E9DC70248D0}\InprocServer32#ThreadingModel
C:\WINDOWS\system32\hp6E40.tmp
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b0398eca-0bcd-4645-8261-5e9dc70248d0}
Adware.Tracking Cookie
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@rambler[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@as-us.falkag[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@adtech[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@1071761046[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@smiley.smileycentral[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@doubleclick[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@ad.zanox[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@ads.cbox[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@adopt.hbmediapro[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@stats1.reliablestats[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@adfair[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@dist.belnk[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@tribalfusion[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@mediaplex[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@sideshow.directtrack[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@msnportal.112.2o7[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@links[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@belnk[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@m1.webstats4u[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@cz5.clickzs[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@www.pesttrap[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@ads2.gamereactor[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@cz8.clickzs[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@screensavers.us.intellitxt[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@1070201526[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@track.adform[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@ad1.emediate[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@stats.liutilities[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@cz3.clickzs[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@cz7.clickzs[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@as-eu.falkag[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@cgi-bin[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@revsci[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@ilead.itrack[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@data2.perf.overture[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@screensavers-online[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@atdmt[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@burstnet[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@vip.clickzs[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@cz6.clickzs[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@www.thespyguard[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@ads.lycos-europe[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@i.screensavers[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@http.edge.vru4[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@smileycentral[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@yadro[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@www.screensavers[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@tacoda[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@ads2.jubii[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@1072476487[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@myfuncards.smileycentral[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@www.livewebstats[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@flashstat.jubii[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@adopt.euroclick[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@www.sexlinien[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@interclick[2].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@mb[1].txt
C:\Documents and Settings\Johannes Pedersen\Cookies\johannes pedersen@www.spyfalcon[2].txt
Trojan.Security Toolbar
C:\Documents and Settings\All Users\Menuen Start\Online Security Guide.url
C:\Documents and Settings\All Users\Menuen Start\Security Troubleshooting.url
C:\Documents and Settings\Johannes Pedersen\Foretrukne\Antivirus Test Online.url
Adware.ClickSpring/Yazzle
HKCR\YAZZLEACTIVEX.YazzleActiveXCtrl.1
HKCR\YAZZLEACTIVEX.YazzleActiveXCtrl.1\CLSID
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/YazzleActiveX.ocx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/YazzleActiveX.ocx#.Owner
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/YazzleActiveX.ocx#{74CD40EA-EF77-4BAD-808A-B5982DA73F20}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs#C:\WINDOWS\Downloaded Program Files\YazzleActiveX.ocx [ ]
Trojan.AtmClk
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run#kernel32.dll [ C:\WINDOWS\system32\atmclk.exe ]
C:\WINDOWS\system32\atmclk.exe
C:\WINDOWS\Prefetch\ATMCLK.EXE-15A39E48.pf
Trojan.Homepage/Puper
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run#wininet.dll [ regperf.exe ]
C:\WINDOWS\system32\ldC10D.tmp
C:\WINDOWS\system32\regperf.exe
Adware.ClickSpring
C:\Documents and Settings\Johannes Pedersen\Application Data\ECURIT~1\WNWORD~1.EXE
Adware.Universa
C:\Documents and Settings\Johannes Pedersen\Lokale indstillinger\Temp\win15.tmp.exe
C:\Documents and Settings\Johannes Pedersen\Lokale indstillinger\Temp\win1B.tmp.#xe
C:\Documents and Settings\Johannes Pedersen\Lokale indstillinger\Temporary Internet Files\Content.IE5\OZRBQWLD\mulbin32[1].exe
C:\WINDOWS\Temp\win23.tmp.#xe
C:\WINDOWS\Temp\win29.tmp.#xe
C:\WINDOWS\Temp\win2C.tmp.#xe
C:\WINDOWS\Temp\win43.tmp.#xe
C:\WINDOWS\Temp\win51.tmp.#xe
Trojan.DCOMCfg
C:\WINDOWS\system32\dcomcfg.exe
C:\WINDOWS\Prefetch\DCOMCFG.EXE-1E780C99.pf
Adware.ClickSpring/Outer Info Network
C:\WINDOWS\system32\oins.exe
Logfile fra Hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 18:18:38, on 16-05-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmer\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Intel\Wireless\Bin\OProtSvc.exe
C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmer\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmer\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmer\Razer\Copperhead\razerhid.exe
C:\Programmer\Java\jre1.5.0_03\bin\jusched.exe
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Programmer\HP\hpcoretech\hpcmpmgr.exe
C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmer\Logitech\Video\LogiTray.exe
C:\Programmer\DAEMON Tools\daemon.exe
C:\Programmer\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\programmer\steam\steam.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\YSTEM~1\smss.exe
C:\Programmer\Razer\Copperhead\razerofa.exe
C:\Programmer\GIANT Company Software\GIANT AntiSpyware\gcasDtServ.exe
C:\Programmer\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Johannes Pedersen\Skrivebord\Programmer\Programmer\Diverse\Installeringsfiler\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - {3EB762A8-F869-D9E8-662B-FC6A13DAD1CB} - C:\WINDOWS\system32\jlcy.dll (file missing)
O4 - HKLM\..\Run: [IntelZeroConfig] C:\Programmer\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Programmer\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Programmer\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [razer] C:\Programmer\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programmer\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmer\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [gcasServ] "C:\Programmer\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\programmer\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmer\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [cb5f61ae.exe] C:\Documents and Settings\Johannes Pedersen\Lokale indstillinger\Application Data\cb5f61ae.exe
O4 - HKCU\..\Run: [Eosr] "C:\WINDOWS\system32\YSTEM~1\smss.exe" -vt yax
O4 - HKCU\..\Run: [Gpyggn] C:\Documents and Settings\Johannes Pedersen\Application Data\?ecurity\w?nword.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Programmer\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} -
http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1162O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cabO16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) -
http://www.systemrequirementslab.com/sysreqlab.cabO16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) -
https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cabO16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) -
http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cabO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: IntelWireless - C:\Programmer\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winpdc32 - winpdc32.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
Håber det kan give et praj. Status lige nu er at den virus jeg umiddelbart kunne se er væk, så foreløbig er alt godt. Men, ved jo ikke om der er noget tilbage, er der det?.. :D
Foreløbig mange tak for hjælpen