CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg
Cookie ikon
Avatar billede kristian_the_one Nybegynder
13. november 2006 - 22:33 Der er 4 kommentarer

Tjek af log efter http://www.eksperten.dk/artikler/954

har hef fået fjernet ErrorSafe.

her er mine logs:

Logfile of HijackThis v1.99.1
Scan saved at 22:20:52, on 13-11-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\WIDCOMM\Bluetooth-software\bin\btwdins.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmer\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Programmer\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmer\Apoint2K\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programmer\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe
C:\Programmer\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmer\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Programmer\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Fælles filer\Teleca Shared\CapabilityManager.exe
C:\Programmer\Apoint2K\Apntex.exe
C:\Programmer\Trend Micro\OfficeScan Client\Pop3Trap.exe
C:\WINDOWS\TEMP\XV164E.EXE
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\Fælles filer\Teleca Shared\Generic.exe
C:\Programmer\HPQ\SHARED\HPQWMI.exe
C:\Programmer\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Programmer\Trend Micro\OfficeScan Client\pccntupd.exe
C:\Programmer\WIDCOMM\Bluetooth-software\BTTray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Administrator\Skrivebord\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Programmer\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [Cpqset] C:\Programmer\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmer\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmer\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Programmer\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera 301x
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmer\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Programmer\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\WIDCOMM\Bluetooth-software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\WIDCOMM\Bluetooth-software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125986449423
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697517} (NsvPlayX Control) - http://www.mmradio.org/embed22/nsvplayx_vp3_aac.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmer\WIDCOMM\Bluetooth-software\bin\btwdins.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmer\HPQ\SHARED\HPQWMI.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Programmer\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Programmer\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Programmer\Trend Micro\OfficeScan Client\tmlisten.exe


SUPERAntiSpyware Scan Log
Generated 11/13/2006 at 09:49 PM

Application Version : 3.3.1020

Core Rules Database Version : 3127
Trace Rules Database Version: 1146

Scan type      : Complete Scan
Total Scan Time : 00:39:18

Memory items scanned      : 155
Memory threats detected  : 0
Registry items scanned    : 5208
Registry threats detected : 58
File items scanned        : 24274
File threats detected    : 16

Trojan.SearchTool
    HKLM\Software\Classes\CLSID\{5015BF9D-173C-474B-9AF3-77D4D23A4135}
    HKCR\CLSID\{5015BF9D-173C-474B-9AF3-77D4D23A4135}
    HKCR\CLSID\{5015BF9D-173C-474B-9AF3-77D4D23A4135}
    HKCR\CLSID\{5015BF9D-173C-474B-9AF3-77D4D23A4135}\InprocServer32
    HKCR\CLSID\{5015BF9D-173C-474B-9AF3-77D4D23A4135}\InprocServer32#ThreadingModel
    HKCR\CLSID\{5015BF9D-173C-474B-9AF3-77D4D23A4135}\ProgID
    HKCR\CLSID\{5015BF9D-173C-474B-9AF3-77D4D23A4135}\Programmable
    HKCR\CLSID\{5015BF9D-173C-474B-9AF3-77D4D23A4135}\TypeLib
    HKCR\CLSID\{5015BF9D-173C-474B-9AF3-77D4D23A4135}\VersionIndependentProgID
    C:\WINDOWS\SYSTEM32\SMARTSHOPPER\SMARTSHOPPER0.DLL
    HKLM\Software\Classes\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}\InprocServer32
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}\InprocServer32#ThreadingModel
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}\ProgID
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}\Programmable
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}\TypeLib
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}\VersionIndependentProgID
    C:\WINDOWS\SYSTEM32\SEARCHENHANCER\NSD6.DLL
    HKLM\Software\Classes\CLSID\{5ED7D3DE-6DBE-4516-8712-436325722327}
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-436325722327}
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-436325722327}
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-436325722327}\InprocServer32
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-436325722327}\InprocServer32#ThreadingModel
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-436325722327}\ProgID
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-436325722327}\Programmable
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-436325722327}\TypeLib
    HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-436325722327}\VersionIndependentProgID
    HKLM\Software\Classes\CLSID\{92C3F342-45DA-4511-853A-B3836AAFF5F5}
    HKCR\CLSID\{92C3F342-45DA-4511-853A-B3836AAFF5F5}
    HKCR\CLSID\{92C3F342-45DA-4511-853A-B3836AAFF5F5}
    HKCR\CLSID\{92C3F342-45DA-4511-853A-B3836AAFF5F5}\InprocServer32
    HKCR\CLSID\{92C3F342-45DA-4511-853A-B3836AAFF5F5}\InprocServer32#ThreadingModel
    HKCR\CLSID\{92C3F342-45DA-4511-853A-B3836AAFF5F5}\ProgID
    HKCR\CLSID\{92C3F342-45DA-4511-853A-B3836AAFF5F5}\Programmable
    HKCR\CLSID\{92C3F342-45DA-4511-853A-B3836AAFF5F5}\TypeLib
    HKCR\CLSID\{92C3F342-45DA-4511-853A-B3836AAFF5F5}\VersionIndependentProgID
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ED7D3DE-6DBE-4516-8712-436325722327}

Adware.Tracking Cookie
    C:\Documents and Settings\Administrator\Cookies\administrator@adtech[2].txt
    C:\Documents and Settings\Administrator\Cookies\administrator@clickbank[1].txt
    C:\Documents and Settings\Administrator\Cookies\administrator@stats1.reliablestats[2].txt
    C:\Documents and Settings\Administrator\Cookies\administrator@1072707600[2].txt
    C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt
    C:\Documents and Settings\Administrator\Cookies\administrator@cpvfeed[2].txt
    C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[1].txt
    C:\Documents and Settings\Hamster\Cookies\hamster@ad.yieldmanager[1].txt
    C:\Documents and Settings\Hamster\Cookies\hamster@adopt.euroclick[2].txt
    C:\Documents and Settings\Hamster\Cookies\hamster@burstnet[2].txt
    C:\Documents and Settings\Hamster\Cookies\hamster@cz3.clickzs[1].txt
    C:\Documents and Settings\Hamster\Cookies\hamster@cz9.clickzs[1].txt
    C:\Documents and Settings\Hamster\Cookies\hamster@webpower[2].txt

Adware.AdRotator
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AdRotator
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AdRotator#DisplayName
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AdRotator#UninstallString
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AdRotator#NoModify
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AdRotator#NoRepair
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AdRotator#DisplayVersion

Adware.AdStart
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run#adstart [ "iexplore.exe" "http://iesettingsupdate" ]

Adware.eZula/BannerRotator
    HKCR\BannerRotator.Rotator2
    HKCR\BannerRotator.Rotator2\CLSID
    HKCR\BannerRotator.Rotator2\CurVer
    HKCR\BannerRotator.Rotator2.1
    HKCR\BannerRotator.Rotator2.1\CLSID
    HKCR\CLSID\{E954DB82-1533-4714-92F2-59C98D5C18CC}
    HKCR\CLSID\{E954DB82-1533-4714-92F2-59C98D5C18CC}\TypeLib
    HKCR\TypeLib\{7DABFFEB-649F-4077-9E03-202688D77676}
    HKCR\TypeLib\{7DABFFEB-649F-4077-9E03-202688D77676}\1.0
    HKCR\TypeLib\{7DABFFEB-649F-4077-9E03-202688D77676}\1.0\0
    HKCR\TypeLib\{7DABFFEB-649F-4077-9E03-202688D77676}\1.0\0\win32
    HKCR\TypeLib\{7DABFFEB-649F-4077-9E03-202688D77676}\1.0\FLAGS
    HKCR\TypeLib\{7DABFFEB-649F-4077-9E03-202688D77676}\1.0\HELPDIR
    C:\WINDOWS\SYSTEM32\BRROT-UNINST.EXE
Avatar billede levich Nybegynder
14. november 2006 - 00:22 #1
Øjeblik, jeg ser på det.
Avatar billede levich Nybegynder
14. november 2006 - 00:27 #2
Ifølge hijackthis-loggen, så ser der ikke ud til at være noget tilbage. Kører windows som det skal?
Avatar billede kristian_the_one Nybegynder
14. november 2006 - 15:49 #3
jeg har lavet en ny scan med ewido

Logfile of HijackThis v1.99.1
Scan saved at 15:47:42, on 14-11-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\WIDCOMM\Bluetooth-software\bin\btwdins.exe
C:\Programmer\ewido\security suite\ewidoctrl.exe
C:\Programmer\ewido\security suite\ewidoguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Programmer\Apoint2K\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programmer\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe
C:\Programmer\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmer\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Programmer\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Fælles filer\Teleca Shared\CapabilityManager.exe
C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmer\Apoint2K\Apntex.exe
C:\Programmer\WIDCOMM\Bluetooth-software\BTTray.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmer\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Programmer\Fælles filer\Teleca Shared\Generic.exe
C:\Programmer\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Programmer\HPQ\SHARED\HPQWMI.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\TEMP\CBFF12.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Trend Micro\OfficeScan Client\Pop3Trap.exe
C:\Documents and Settings\Administrator\Skrivebord\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Programmer\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [Cpqset] C:\Programmer\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmer\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmer\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Programmer\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera 301x
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmer\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Programmer\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\WIDCOMM\Bluetooth-software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\WIDCOMM\Bluetooth-software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125986449423
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697517} (NsvPlayX Control) - http://www.mmradio.org/embed22/nsvplayx_vp3_aac.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmer\WIDCOMM\Bluetooth-software\bin\btwdins.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmer\ewido\security suite\ewidoguard.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmer\HPQ\SHARED\HPQWMI.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Programmer\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Programmer\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Programmer\Trend Micro\OfficeScan Client\tmlisten.exe


---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on:            00:16:11, 14-11-2006
+ Report-Checksum:        A2679476

+ Scan result:

    C:\Documents and Settings\Administrator\Cookies\administrator@adtech[1].txt -> Spyware.Cookie.Adtech : Cleaned with backup
    C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
    C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
    C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
    C:\Documents and Settings\Administrator\Cookies\administrator@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
    C:\WINDOWS\system32\MRT.exe -> Heuristic.Win32.AVKiller : Cleaned with backup


::Report End
Avatar billede levich Nybegynder
13. januar 2007 - 18:51 #4
Det er godt nok lang tid siden, at du skrev ovenstående, men fik du windows til at køre normalt?
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Findes der mon et Antivirus program, som ikke, konstant, reklamerer, for at købe ? Af Ikke-ekspert i Virus 21 22/06/202419:22 23/06/202412:54
Anbefaling af antivirusprogram med firewall Af OnePlusFan i Virus 23 07/05/202421:02 13/05/202419:48
trusler Af gerhardpet i Virus 4 26/01/202410:02 27/01/202408:32
Kan ikke fjerne virus Af mik28 i Virus 16 09/01/202416:37 10/01/202419:59
virusscanning Af JetteD i Virus 2 10/11/202312:55 10/11/202316:36
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester



Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I dag 20:17 vlc viser kegle-icon Af casablanca i Andet software
I dag 14:01 Oprette / gemme et par fotos i en mappe - Samsung Galaxy A 14 5G ? Af Ikke-ekspert i Mobiltelefoner
I dag 11:14 Bærbar til Sims 3? Af idamarie i PC
I dag 10:49 Adobe til excel Af densortehingst i Andet software
I dag 09:26 Chrome Af fjorbak i Andet netværk
White papers
Flere white papers »


Premium
Teaser billede
5.000 flyafgange i verden blev aflyst som følge af Crowdstrike-nedbrud: Vil Københavns Lufthavn søge erstatning?
Læs mere »
Hackere udnytter CrowdStrike-nedbruddet: Spreder malware ved hjælp af falske løsninger
Microsoft skyder dele af skylden for CrowdStrike-nedbrud på 15 år gammel EU-aftale
Derfor står Danske Bank foran en kæmpe AWS-transformation: Ellers skulle vi bygge en ny infrastruktur for at følge med
Se alle »
Computerworld
Teaser billede
Microsoft-nedbrud spreder sig: It-systemer i lufthavne verden over er ramt
Læs mere »
Test: Denne mikro-pc er smartere end de stærkeste desktop-maskiner - men flopper alligevel
Elon Musk dropper CrowdStrike efter kæmpe nedbrud
Hundredevis af flyafgange ramt af stort Microsoft-nedbrud
Se alle »
CIO
Teaser billede
Microsoft er på sagen: I gang med at løse kæmpe nedbrud efter katastrofal Crowdstrike-fejl
Læs mere »
Så mange Microsoft-enheder blev ramt af gigantisk Crowdstrike-koks
Telenor skrotter ældre it-system: Nyt system er en hyldevare
Peter Lüth udlever CTO-drømmen: Bygger et system fra bunden og tjener kassen på det
Se alle »
Job & Karriere
Teaser billede
Efter 12 år er NNIT's hovedkvarter i Søborg nu ryddet og tomt - alle arbejder hjemme: "Det er med et vist vemod"
Læs mere »
Norlys skal splittes op i fem selskaber: Nu bliver flere ansatte og ledere fyret
Dansk top-profil trækker sig fra Microsoft: Skal være direktør i TDC Erhverv
KMD-direktør forlader selskabet: Det skal hun nu
Se alle »
White paper
Teaser billede
Det behøver ikke at gøre ondt: Sådan gør du livet lettere for kunder med multicloud
Læs mere »
MDR: Transparent sikkerhed og overvågning i realtid
SASE: Træf det rette valg – første gang
Nemmere overblik, styring og omkostningskontrol i dit multicloud-miljø
Se alle »

Events
Flere events »
White papers
Flere white papers »
IT-Kurser
Se alle vores it-kurser »