CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg
Cookie ikon
Avatar billede jessrasmussen Nybegynder
30. december 2007 - 16:38 Der er 5 kommentarer og
1 løsning

Logfiler bedes gennemset

Hej Eksperter

Her er der 4 logfiler jeg gerne vil have gennemset for snavs

med venlig hilsen

jess Rasmussen

Logfile of HijackThis v1.99.1
Scan saved at 16:27:30, on 30-12-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\MSTMON_S.EXE
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmer\MySpeedyAlert\Main.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\DAEMON Tools\daemon.exe
C:\Programmer\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\Fælles filer\Logitech\KhalShared\KHALMNPR.EXE
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmer\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\netdde.exe
C:\Programmer\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\Programmer\MSN Messenger\usnsvc.exe
C:\Programmer\ATI Technologies\ATI.ACE\cli.exe
C:\Programmer\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Jess\Skrivebord\viruscleaner\alternativ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [KONICA MINOLTA magicolor 2400W STD] C:\WINDOWS\system32\MSTMON_S.EXE STARTUP
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programmer\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [My Speedy Alert] "C:\Programmer\MySpeedyAlert\Main.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programmer\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra button: InterCasino $$$ - {909AAEB6-C2CB-4AB5-A7BB-C33B72AB4BFB} - C:\Documents and Settings\Jess\Skrivebord\InterCasino $$$.lnk (file missing)
O9 - Extra 'Tools' menuitem: InterCasino $$$ - {909AAEB6-C2CB-4AB5-A7BB-C33B72AB4BFB} - C:\Documents and Settings\Jess\Skrivebord\InterCasino $$$.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://casinodk.microgaming.com/casinodk/FlashAX.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://flashcasino.ladbrokes.com/instant-play-en/FlashAX2.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programmer\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmer\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

__________________________________________________________________

ComboFix 07-12-21.4 - Jess 2007-12-30 16:29:20.2 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1030.18.368 [GMT 1:00]
Running from: C:\Documents and Settings\Jess\Skrivebord\viruscleaner\ComboFix.exe
.

(((((((((((((((((((((((((  Files Created from 2007-11-28 to 2007-12-30  )))))))))))))))))))))))))))))))
.

2007-12-18 22:54 . 2007-12-18 22:54    <DIR>    d--------    C:\WINDOWS\Casino Classic Flash Casino
2007-12-18 22:51 . 2007-12-18 22:51    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\MGS
2007-12-18 22:45 . 2007-12-18 22:45    <DIR>    d--------    C:\MicroGaming
2007-12-06 15:21 . 2007-12-06 15:21    <DIR>    d--------    C:\Programmer\MySpeedyAlert
2007-11-29 19:55 . 2006-09-28 16:05    2,414,360    --a------    C:\WINDOWS\system32\d3dx9_31.dll
2007-11-29 19:55 . 2006-09-28 16:04    68,888    --a------    C:\WINDOWS\system32\xinput1_3.dll
2007-11-29 19:54 . 2007-11-29 19:54    <DIR>    d--------    C:\WINDOWS\system32\AGEIA
2007-11-29 19:54 . 2007-11-29 19:54    <DIR>    d--------    C:\Programmer\AGEIA Technologies
2007-11-27 19:09 . 2007-10-11 00:52    6,065,664    -----c---    C:\WINDOWS\system32\dllcache\ieframe.dll
2007-11-27 19:09 . 2007-04-17 10:32    2,455,488    -----c---    C:\WINDOWS\system32\dllcache\ieapfltr.dat
2007-11-27 19:09 . 2007-03-08 06:09    1,015,808    -----c---    C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2007-11-27 19:09 . 2007-10-11 00:52    459,264    -----c---    C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-11-27 19:09 . 2007-10-11 00:52    383,488    -----c---    C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-11-27 19:09 . 2007-10-11 00:52    267,776    -----c---    C:\WINDOWS\system32\dllcache\iertutil.dll
2007-11-27 19:09 . 2007-10-11 00:52    63,488    -----c---    C:\WINDOWS\system32\dllcache\icardie.dll
2007-11-27 19:09 . 2007-10-11 00:52    52,224    -----c---    C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-11-27 19:09 . 2007-10-10 11:59    13,824    -----c---    C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-11-27 19:08 . 2007-11-27 19:09    <DIR>    d--------    C:\WINDOWS\system32\da-dk

.
((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-30 14:27    ---------    d-----w    C:\Programmer\SUPERAntiSpyware
2007-12-28 20:59    ---------    d-----w    C:\Documents and Settings\Jess\Application Data\SUPERAntiSpyware.com
2007-12-28 20:58    ---------    d-----w    C:\Programmer\Fælles filer\Wise Installation Wizard
2007-12-04 14:56    93,264    ----a-w    C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55    94,544    ----a-w    C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53    23,152    ----a-w    C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51    42,912    ----a-w    C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49    26,624    ----a-w    C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04    837,496    ----a-w    C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54    95,608    ----a-w    C:\WINDOWS\system32\AVASTSS.scr
2007-12-03 20:10    ---------    d-----w    C:\Programmer\DC++
2007-11-13 10:25    20,480    ----a-w    C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-06 22:10    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-06 22:06    ---------    d-----w    C:\Programmer\3GP Player
2007-10-29 22:44    1,291,776    ----a-w    C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28    222,720    ----a-w    C:\WINDOWS\system32\wmasf.dll
2007-09-20 20:40    43,520    ----a-w    C:\WINDOWS\system32\CmdLineExt03.dll
2007-01-22 20:47    87,608    ----a-w    C:\Documents and Settings\Jess\Application Data\ezpinst.exe
2007-01-22 20:47    47,360    ----a-w    C:\Documents and Settings\Jess\Application Data\pcouffin.sys
2006-11-22 19:00    20,808    ----a-w    C:\Documents and Settings\Jess\Application Data\GDIPFONTCACHEV1.DAT
2006-11-19 20:49    25,600    ----a-w    C:\Documents and Settings\Jess\usbsermptxp.sys
2006-11-19 20:49    22,768    ----a-w    C:\Documents and Settings\Jess\usbsermpt.sys
2006-12-30 17:31    56    --sh--r    C:\WINDOWS\system32\68DD50F73C.sys
2006-12-30 17:31    1,682    --sha-w    C:\WINDOWS\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((  snapshot@2007-12-28_23.01.05,75  )))))))))))))))))))))))))))))))))))))))))
.
- 2007-12-28 21:57:04    226,305    ----a-w    C:\WINDOWS\system32\inetsrv\MetaBase.bin
+ 2007-12-30 15:16:50    226,302    ----a-w    C:\WINDOWS\system32\inetsrv\MetaBase.bin
+ 2007-12-30 15:12:44    16,384    ----atw    C:\WINDOWS\Temp\Perflib_Perfdata_620.dat
.
(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Programmer\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
"DAEMON Tools"="C:\Programmer\DAEMON Tools\daemon.exe" [2006-11-12 11:48]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-26 17:53]
"SUPERAntiSpyware"="C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-04-23 15:46]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-05-10 09:48 C:\WINDOWS\KHALMNPR.Exe]
"RTHDCPL"="RTHDCPL.EXE" [2005-12-09 08:49 C:\WINDOWS\RTHDCPL.exe]
"KONICA MINOLTA magicolor 2400W STD"="C:\WINDOWS\system32\MSTMON_S.exe" [2004-09-28 01:00]
"RemoteControl"="C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 20:24]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"ATICCC"="C:\Programmer\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 10:12]
"My Speedy Alert"="C:\Programmer\MySpeedyAlert\Main.exe" [2007-11-25 16:43]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-26 17:53]

C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
Adobe Reader Hurtigstart.lnk - C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
Logitech SetPoint.lnk - C:\Programmer\Logitech\SetPoint\SetPoint.exe [2006-11-19 23:38:26]
Microsoft Office.lnk - C:\Programmer\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= C:\PROGRA~1\DVDREG~1\DVDShell.dll [2004-10-09 15:18 49152]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmer\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programmer\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Programmer\SUPERAntiSpyware\SASWINLO.dll

R0 m5288;m5288;C:\WINDOWS\system32\drivers\m5288.sys [2005-12-23 23:54]
R2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-06-30 00:53]
R2 SMTPSVC;Simple Mail Transport Protocol (SMTP);C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-26 17:53]
R3 ULI5261XP;ULi M526X Ethernet NT Driver;C:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 20:36]

.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-30 16:32:40
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-30 16:33:39
.
2007-12-11 22:58:47    --- E O F --- 
_________________________________________________________________



********************************* ROOTCHK-(5-12-07)-LOG, by ejvindh
30-12-2007 16:28:03,81

The rootkits that are detected by this tool were not found.

********************************* ROOTCHK-LOG-end


catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-30 16:28:06
Windows 5.1.2600 Service Pack 2
scanning hidden processes ...

scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:b318b6a2
"s2"=dword:f3c7f01f
"h0"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Programmer\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:41,51,46,46,47,b3,19,c3,67,8c,5d,37,ed,fd,f8,ac,80,2a,78,af,48,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:1a,0a,5e,3f,fc,3e,73,41,b3,0e,f1,a8,c2,68,44,dd,9a,c2,4e,fa,8a,..
"p0"="C:\Programmer\DAEMON Tools\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:cc,ab,55,93,6c,11,46,fc,a8,a3,9b,0b,fb,2b,7d,ba,ca,7c,3a,6a,a9,..
"a0"=hex:20,01,00,00,d0,df,4f,84,c1,07,8a,83,48,ef,02,ed,84,7d,44,1c,06,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:05,81,21,2d,aa,d2,22,ba,34,61,ea,cf,4a,a1,26,de,87,27,bf,34,09,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:76,9d,46,17,a8,c5,b5,ae,0d,6d,4d,9a,af,4d,a5,6b,0b,9e,57,bc,08,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:99,c4,d0,4a,dc,c7,5c,52,54,9b,14,35,4b,26,05,08,de,7b,01,ed,90,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Programmer\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:41,51,46,46,47,b3,19,c3,67,8c,5d,37,ed,fd,f8,ac,80,2a,78,af,48,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:1a,0a,5e,3f,fc,3e,73,41,b3,0e,f1,a8,c2,68,44,dd,9a,c2,4e,fa,8a,..
"p0"="C:\Programmer\DAEMON Tools\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:cc,ab,55,93,6c,11,46,fc,a8,a3,9b,0b,fb,2b,7d,ba,ca,7c,3a,6a,a9,..
"a0"=hex:20,01,00,00,d0,df,4f,84,c1,07,8a,83,48,ef,02,ed,84,7d,44,1c,06,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:05,81,21,2d,aa,d2,22,ba,34,61,ea,cf,4a,a1,26,de,87,27,bf,34,09,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:76,9d,46,17,a8,c5,b5,ae,0d,6d,4d,9a,af,4d,a5,6b,0b,9e,57,bc,08,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:99,c4,d0,4a,dc,c7,5c,52,54,9b,14,35,4b,26,05,08,de,7b,01,ed,90,..

scanning hidden registry entries ...

scanning hidden files ...

hidden processes: 0
hidden services: 0
hidden files: 0
__________________________________________________________________


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/30/2007 at 04:03 PM

Application Version : 3.7.1018

Core Rules Database Version : 3370
Trace Rules Database Version: 1365

Scan type      : Complete Scan
Total Scan Time : 00:35:35

Memory items scanned      : 164
Memory threats detected  : 0
Registry items scanned    : 5567
Registry threats detected : 0
File items scanned        : 56636
File threats detected    : 18

Adware.Casino Games (Golden Palace Casino)
    C:\CASINO\BET365CASINO\CASINO.EXE
    C:\CASINO\PLAYGATE CASINO\CASINO.EXE
    C:\DOCUMENTS AND SETTINGS\ALL USERS\MENUEN START\PROGRAMMER\BET365CASINO\BET365CASINO.LNK
    C:\DOCUMENTS AND SETTINGS\ALL USERS\MENUEN START\PROGRAMMER\EUROPA CASINO\EUROPA CASINO.LNK
    C:\DOCUMENTS AND SETTINGS\ALL USERS\MENUEN START\PROGRAMMER\PLAYGATE CASINO\PLAYGATE CASINO.LNK
    C:\DOCUMENTS AND SETTINGS\ALL USERS\SKRIVEBORD\BET365CASINO.LNK
    C:\DOCUMENTS AND SETTINGS\ALL USERS\SKRIVEBORD\EUROPA CASINO.LNK
    C:\DOCUMENTS AND SETTINGS\JESS\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\EUROPA CASINO.LNK
    C:\DOCUMENTS AND SETTINGS\JESS\SKRIVEBORD\VæRKTøJER\BET365CASINO.LNK
    C:\WINDOWS\Prefetch\CASINO.EXE-1FE492E7.pf

Adware.Tracking Cookie
    C:\Documents and Settings\Jess\Cookies\jess@2o7[2].txt
    C:\Documents and Settings\Jess\Cookies\jess@casalemedia[1].txt
    C:\Documents and Settings\Jess\Cookies\jess@counter7.sextracker[1].txt
    C:\Documents and Settings\Jess\Cookies\jess@doubleclick[1].txt
    C:\Documents and Settings\Jess\Cookies\jess@galleries.adult-empire[2].txt
    C:\Documents and Settings\Jess\Cookies\jess@sextracker[2].txt
    C:\Documents and Settings\Jess\Cookies\jess@track.adform[1].txt
    C:\Documents and Settings\Jess\Cookies\jess@tradedoubler[1].txt
Avatar billede levich Nybegynder
30. december 2007 - 17:32 #1
Det ser ikke ud til, at der er noget snavs.
Hvordan oplever du problemer?
Avatar billede jessrasmussen Nybegynder
30. december 2007 - 18:07 #2
Hej levich

Jeg har ikke oplevet nogle problemer, det var bare lang tid siden at jeg havde "ryddet" op i min computer og da jeg havde et par fridage i denne dejlige tid var det jo oplagt at få det gjort.

Det er dejligt at der er nogle der gider at hjælpe os med at holde vores computere i fin form.

Godt Nytår

Smid et svar

Med Venlig Hilsen

Jess
Avatar billede Computer Hjælp (Gratis) Mester
30. december 2007 - 18:14 #3
Generelt - pas på med C:\Programmer\DC++
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=40284

--------------
Mht oprydning -> Registreringsdatabase oprydning kan anbefales ->
RegCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm (Specielt punktet [Register]...)
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller NEJ til den.
Avatar billede jessrasmussen Nybegynder
30. december 2007 - 18:22 #4
jeg har brugt fromsej's "Ny og kraftigt ændret vejledning til fjernelse af diverse utøj." http://www.eksperten.dk/artikler/1123 og der var ccleaner imellem. det har virket rigtigt godt.
Avatar billede jessrasmussen Nybegynder
30. december 2007 - 18:48 #5
Den der ErrorSmart "Speed up Windows XP", kan den anbefales.
Avatar billede levich Nybegynder
30. december 2007 - 19:29 #6
svar
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Findes der mon et Antivirus program, som ikke, konstant, reklamerer, for at købe ? Af Ikke-ekspert i Virus 21 22/06/202419:22 23/06/202412:54
Anbefaling af antivirusprogram med firewall Af OnePlusFan i Virus 23 07/05/202421:02 13/05/202419:48
trusler Af gerhardpet i Virus 4 26/01/202410:02 27/01/202408:32
Kan ikke fjerne virus Af mik28 i Virus 16 09/01/202416:37 10/01/202419:59
virusscanning Af JetteD i Virus 2 10/11/202312:55 10/11/202316:36
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester



Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I dag 11:43 Gmail-ikon på skrivebordet Win 10 Af ErikHg i Fri debat
I dag 09:22 Lopslag Af Luffe i Excel
I går 19:15 Personlige indstillinger på Facebook Af nu_igen i Sociale medier
I går 17:56 Bluetooth Højttalersæt Af valby i Andet hardware
I går 16:52 Flextids registrering Af Kenneth Kirsgart i Excel
White papers
Flere white papers »


Premium
Teaser billede
Rigsrevisionen undersøger it-sikkerheden i Banedanmarks signalsystem
Læs mere »
Nye prisstigninger kan være på vej til VMware-kunder: Priser står til flerdobling
Oplæring i ny it skaber frustrationer: Mange ansatte føler, at de spilder tiden
AI kan gøre danske projektledere arbejdsløse, hvis ikke de passer på: "Både hastigheden og præcisionen i arbejdet vil stige "
Se alle »
Computerworld
Teaser billede
Softwarefirmaet Teamviewer med 640.000 kunder globalt ramt af avanceret hackerangreb
Læs mere »
En pladesaks, 1000W og et Nvidia-grafikkort til 14.000 kroner - sådan opgraderede jeg min pc
Test: Endelig en skærm der er god til alt - lige fra gaming og underholdning til kontorbrug
I dag træder nye de regler om registrering af din arbejdstid i kraft: Er du klar?
Se alle »
CIO
Teaser billede
Efter stort hackerangreb mod Teamviewer: Stop dine opdateringer og tjek opsætningen nu
Læs mere »
I dag træder nye de regler om registrering af din arbejdstid i kraft: Er du klar?
Frygtet melding: Russiske hackere har stjålet Microsoft-kunders e-mails
Russisk hack af Microsoft er meget større end først antaget
Se alle »
Job & Karriere
Teaser billede
Bo solgte sit software-system for et treciftret millionbeløb: Brugte pengene på at købe 80 medarbejdere til ny storsatsning
Læs mere »
Norlys skal splittes op i fem selskaber: Nu bliver flere ansatte og ledere fyret
Dansk top-profil trækker sig fra Microsoft: Skal være direktør i TDC Erhverv
IBM Danmark skifter ud i sin øverste ledelse - her er den nye direktion
Se alle »
White paper
Teaser billede
Unbreakable - sådan sikrer du dig vedvarende og uafbrudt adgang til dine data
Læs mere »
Samlet platform sikrer sammenhæng, kontrol og sikkerhed i hybrid cloud
Sådan gør du: Elektronisk dokumentudveksling i praksis
Sådan får du overblik og beskytter dine cloudapplikationer
Se alle »

Events
Flere events »
White papers
Flere white papers »
IT-Kurser
Se alle vores it-kurser »