winstall på computeren
Ja, jeg er ramt af winstall og har et par log-filer.HighjackThis:
http://peecee.dk/?id=15476
ComboFix:
Eva Rasmussen - 06-12-06 21:01:15,68 Service Pack 2
ComboFix 06.11.27W - Running from: "C:\Documents and Settings\Eva Rasmussen\Skrivebord"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Programmer\F‘lles filer\{34D4C6D6-07DA-1030-0317-05041029002d}
C:\Programmer\F‘lles filer\{D4D4C6D6-07DA-1030-0317-05041029002d}
((((((((((((((((((((((((((((((( Files Created from 2006-11-06 to 2006-12-06 ))))))))))))))))))))))))))))))))))
2006-12-06 19:34 <DIR> d-------- C:\Programmer\SUPERAntiSpyware
2006-12-06 19:34 <DIR> d-------- C:\Documents and Settings\Eva Rasmussen\Application Data\SUPERAntiSpyware.com
2006-12-03 01:07 77,824 --a------ C:\WINDOWS\system32\gotgo.exe
2006-12-03 01:07 122,880 --a------ C:\WINDOWS\system32\winstall.exe
2006-11-18 15:01 <DIR> d-------- C:\Programmer\MSXML 4.0
2006-11-18 15:01 <DIR> d-------- C:\6c2f5cb3238b67e4196407c089
2006-11-08 00:49 <DIR> d-------- C:\DVDVolume
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-06 21:02 -------- d-------- C:\Programmer\F‘lles filer
2006-12-06 20:57 17408 --a------ C:\WINDOWS\system32\drivers\USBCRFT.SYS
2006-12-06 19:34 -------- d-------- C:\Programmer\F‘lles filer\Wise Installation Wizard
2006-12-06 19:33 -------- d-------- C:\Programmer\MSN Messenger
2006-12-06 19:33 -------- d-------- C:\Programmer\F‘lles filer\Microsoft Shared
2006-12-06 19:32 -------- d-------- C:\Programmer\AbiSuite2
2006-12-04 19:32 -------- d-------- C:\Programmer\eGames
2006-12-03 16:11 -------- d-------- C:\Documents and Settings\Eva Rasmussen\Application Data\AVG7
2006-12-03 01:15 16197928 --a------ C:\Programmer\Install_Messenger.exe
2006-12-03 01:13 -------- d--h----- C:\Programmer\InstallShield Installation Information
2006-11-18 15:00 -------- d-------- C:\Programmer\Internet Explorer
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-02 11:06 816672 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-10-26 17:18 4960 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2006-10-26 17:18 4224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2006-10-26 17:18 3968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys
2006-10-26 17:18 28416 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2006-10-26 17:17 17207032 --a------ C:\Programmer\avg75free_428a818.exe
2006-10-26 17:17 -------- d---s---- C:\Documents and Settings\Eva Rasmussen\Application Data\Microsoft
2006-10-22 15:41 -------- d-------- C:\Programmer\Google
2006-10-13 13:39 142848 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-06 13:25 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2006-10-06 13:20 -------- d-------- C:\Programmer\Ubisoft
2006-09-13 06:06 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"swg"="C:\\Programmer\\Google\\GoogleToolbarNotifier\\1.0.720.3640\\GoogleToolbarNotifier.exe"
"NBJ"="\"C:\\Programmer\\Ahead\\Nero BackItUp\\NBJ.exe\""
"SUPERAntiSpyware"="C:\\Programmer\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ATIPTA"="C:\\Programmer\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"Dit"="Dit.exe"
"CHotkey"="zHotkey.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"LogitechVideoRepair"="C:\\Programmer\\Logitech\\Video\\ISStart.exe"
"LogitechVideoTray"="C:\\Programmer\\Logitech\\Video\\LogiTray.exe"
"DAEMON Tools-1033"="\"C:\\Programmer\\D-Tools\\daemon.exe\" -lang 1033"
"TkBellExe"="\"C:\\Programmer\\Fælles filer\\Real\\Update_OB\\realsched.exe\" -osboot"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"Ad-Aware"="\"C:\\Programmer\\Lavasoft\\Ad-Aware SE Professional\\Ad-Aware.exe\" +c"
"QuickTime Task"="\"C:\\Programmer\\QuickTime\\qttask.exe\" -atboottime"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Min aktuelle startside"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,c0,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:000000ff
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
"{D4D4C6D6-07DA-1030-0317-05041029002d}"="\"C:\\Programmer\\Fælles filer\\{D4D4C6D6-07DA-1030-0317-05041029002d}\\Update.exe\" mc-110-12-0001411"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Completion time: 06-12-06 21:02:56.00
C:\ComboFix.txt ... 06-12-06 21:02
SUPERAntiSpyware Scan Log
Generated 12/06/2006 at 08:55 PM
Application Version : 3.3.1020
Core Rules Database Version : 0
Trace Rules Database Version: 0
Scan type : Complete Scan
Total Scan Time : 00:18:43
Memory items scanned : 162
Memory threats detected : 0
Registry items scanned : 4762
Registry threats detected : 5
File items scanned : 25468
File threats detected : 0
Adware.Toolbar888
HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}
HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\ProxyStubClsid
HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\ProxyStubClsid32
HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\TypeLib
HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\TypeLib#Version
Ehh... Hjælp!
MVH
Michael
