jmor Skrevet 1. september 2008 Del Skrevet 1. september 2008 (endret) Har fulgt guiden her og håper noen kan se over logfilene..... Og et annet spørsmål? Kan jeg bare avinstallere alle de nedlasteden programmene etter at loggen er "godkjent"?!?! Klikk for å se/fjerne innholdet nedenfor <ComboFix 08-08-31.01 - ostjour51 2008-09-01 10:52:12.1 - NTFSx86Microsoft Windows XP Professional 5.1.2600.2.1252.47.1044.18.1430 [GMT 2:00] Running from: C:\Documents and Settings\ostjour51.OSTLENDINGEN\Skrivebord\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\x64 . ((((((((((((((((((((((((( Files Created from 2008-08-01 to 2008-09-01 ))))))))))))))))))))))))))))))) . 2008-09-01 10:32 . 2008-09-01 10:32 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware 2008-09-01 10:32 . 2008-09-01 10:32 <DIR> d-------- C:\Documents and Settings\ostjour51.OSTLENDINGEN\Programdata\SUPERAntiSpyware.com 2008-09-01 10:32 . 2008-09-01 10:32 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com 2008-09-01 10:31 . 2008-09-01 10:31 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard 2008-09-01 10:29 . 2008-09-01 10:29 <DIR> dr-h----- C:\Documents and Settings\ostjour51.OSTLENDINGEN\Siste 2008-09-01 10:27 . 2008-09-01 10:27 <DIR> d-------- C:\Programfiler\CCleaner 2008-08-27 09:51 . 2008-08-27 09:51 <DIR> d-------- C:\Programfiler\Spybot - Search & Destroy 2008-08-27 09:51 . 2008-09-01 10:29 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy 2008-08-27 09:43 . 2008-08-27 11:38 10,752 --a------ C:\WINDOWS\DCEBoot.exe 2008-08-07 15:16 . 2008-08-12 00:26 <DIR> d-------- C:\Documents and Settings\ostjour51.OSTLENDINGEN\Programdata\LimeWire 2008-08-07 15:16 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl 2008-08-07 15:15 . 2008-08-07 15:16 <DIR> d-------- C:\Programfiler\Java 2008-08-07 15:15 . 2008-08-07 15:15 <DIR> d-------- C:\Programfiler\Fellesfiler\Java 2008-08-07 15:14 . 2008-08-07 15:15 <DIR> d-------- C:\Programfiler\LimeWire 2008-08-07 14:14 . 2008-08-07 14:14 1,585,673 --a------ C:\07SPOSundet shot.JPG . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-25 10:42 --------- d-----w C:\Programfiler\FotoStation Pro 2008-08-14 16:16 --------- d-----w C:\Documents and Settings\ostjour51.OSTLENDINGEN\Programdata\ICAClient 2008-07-07 20:33 253,952 ----a-w C:\WINDOWS\system32\es.dll 2008-07-07 20:33 253,952 ----a-w C:\WINDOWS\system32\dllcache\es.dll 2008-06-24 16:24 74,240 ----a-w C:\WINDOWS\system32\mscms.dll 2008-06-24 16:24 74,240 ----a-w C:\WINDOWS\system32\dllcache\mscms.dll 2008-06-24 08:57 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll 2008-06-23 09:23 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe 2008-06-23 09:22 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe 2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-06-21 05:23 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll 2008-06-20 17:43 246,784 ----a-w C:\WINDOWS\system32\mswsock.dll 2008-06-20 17:43 246,784 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll 2008-06-20 17:43 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll 2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys 2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys 2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys 2008-06-17 12:26 20 ---h--w C:\Documents and Settings\All Users\Programdata\PKP_DLbz.DAT 2008-06-14 18:00 272,256 ------w C:\WINDOWS\system32\dllcache\bthport.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360] "QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2008-04-03 10:59 155648] "MsnMsgr"="C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184] "MSMSGS"="C:\Programfiler\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208] "SpybotSD TeaTimer"="C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 09:42 2156368] "SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-08-19 23:34 1576176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATSwpNav"="C:\Programfiler\Fingerprint Sensor\ATSwpNav -run" [X] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-02-26 12:34 155648] "Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-02-26 12:33 131072] "SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [2006-06-09 08:26 794713] "PSUtility"="C:\AddOn\Fujitsu\PSUtility\TrayManager.exe" [2006-07-05 12:57 118784] "TvOutSwitch"="C:\AddOn\Fujitsu\DispSwitch\DispSwitchLauncher.exe" [2006-08-02 19:13 81920] "LoadFUJ02E3"="C:\Programfiler\Fujitsu\FUJ02E3\FUJ02E3.exe" [2006-11-17 15:38 80688] "SSUtility"="C:\AddOn\Fujitsu\SSUtility\FJSSDMN.exe" [2006-07-22 19:10 233472] "IndicatorUtility"="C:\Programfiler\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2006-04-20 14:23 90112] "LoadFujitsuQuickTouch"="C:\AddOn\Fujitsu\Application Panel\QuickTouch.exe" [2005-07-21 14:21 353792] "LoadBtnHnd"="C:\Programfiler\Fujitsu\BtnHnd\BtnHnd.exe" [2005-07-21 14:20 61440] "WatcherHelper"="C:\Programfiler\Sierra Wireless Inc\3G Watcher\WaHelper.exe" [2007-03-28 15:14 114688] "iTunesHelper"="C:\Programfiler\iTunes\iTunesHelper.exe" [2005-12-20 20:54 278528] "QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2008-04-03 10:59 155648] "OfficeScanNT Monitor"="C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe" [2007-12-11 20:31 710000] "SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784] "RTHDCPL"="RTHDCPL.EXE" [2007-02-26 09:03 16125440 C:\WINDOWS\RTHDCPL.EXE] "SkyTel"="SkyTel.EXE" [2006-05-16 12:04 2879488 C:\WINDOWS\SkyTel.exe] "AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 14:32 89541 C:\WINDOWS\AGRSMMSG.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360] C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\ Adobe Gamma Loader.lnk - C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe [2008-04-07 11:50:35 113664] Bluetooth Manager.lnk - C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-02-27 14:31:34 2756608] Hurtigstart for Adobe Reader.lnk - C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696] Microsoft Office.lnk - C:\Programfiler\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360] Program Neighborhood Agent.lnk - C:\Programfiler\Citrix\ICA Client\pnagent.exe [2006-11-08 18:33:12 233744] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2008-07-23 16:28 352256 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FJWSEL] 2006-06-29 15:45 32768 C:\WINDOWS\system32\FJWSWNP.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PSUTY] 2006-06-02 18:04 32768 C:\WINDOWS\system32\PSUWNP.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "<NO NAME>"= "C:\\Programfiler\\Sierra Wireless Inc\\3G Watcher\\SwiApiMux.exe"= "C:\\Programfiler\\iTunes\\iTunes.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"= "C:\\Programfiler\\LimeWire\\LimeWire.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "42385:TCP"= 42385:TCP:Trend Micro OfficeScan Listener R0 FJGSDisk;G-Sensor Application Filter Driver;C:\WINDOWS\system32\DRIVERS\FJGSDisk.sys [2008-04-02 13:36] R0 O2MDRDR;O2MDRDR;C:\WINDOWS\system32\DRIVERS\o2media.sys [2006-10-03 06:23] R0 O2SDRDR;O2SDRDR;C:\WINDOWS\system32\DRIVERS\o2sd.sys [2007-05-11 10:56] R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;C:\WINDOWS\system32\DRIVERS\FUJ02E3.sys [2004-01-17 13:15] R3 SWNC8U32;Sierra Wireless MUX NDIS Driver (UMTS32);C:\WINDOWS\system32\DRIVERS\swnc8u32.sys [2007-03-12 17:17] R3 SWUMX32;Sierra Wireless USB MUX Driver (UMTS32);C:\WINDOWS\system32\DRIVERS\swumx32.sys [2007-03-12 16:18] S2 LvIBTSvr;Logitech IBT Service;C:\Programfiler\Fellesfiler\LogiShrd\LvIBTSvr\LvIBTSvr.exe [2007-04-02 23:29] *Newly Created Service* - CATCHME *Newly Created Service* - PROCEXP90 . - - - - ORPHANS REMOVED - - - - HKLM-Run-AirCardEnabler - (no file) Notify-1c8a3362382 - (no file) Notify-__c0060DE4 - (no file) . ------- Supplementary Scan ------- . R0 -: HKCU-Main,Start Page = hxxp://www.ostlendingen.no/apps/pbcs.dll/forside O8 -: E&ksporter til Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-01 10:53:35 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-09-01 10:54:21 ComboFix-quarantined-files.txt 2008-09-01 08:54:15 Pre-Run: 111,229,624,320 byte ledig Post-Run: 111,276,896,256 byte ledig 146 --- E O F --- 2008-08-13 01:01:53 SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 09/01/2008 at 10:44 AM Application Version : 4.20.1046 Core Rules Database Version : 3553 Trace Rules Database Version: 1542 Scan type : Quick Scan Total Scan Time : 00:10:37 Memory items scanned : 538 Memory threats detected : 0 Registry items scanned : 431 Registry threats detected : 6 File items scanned : 4878 File threats detected : 12 Adware.Tracking Cookie C:\Documents and Settings\ostjour51.OSTLENDINGEN\Cookies\[email protected][1].txt C:\Documents and Settings\administrator.OSTLENDINGEN\Cookies\administrator@atdmt[1].txt C:\Documents and Settings\administrator.OSTLENDINGEN\Cookies\[email protected][1].txt C:\Documents and Settings\ostjour51\Cookies\ostjour51@advertising[1].txt C:\Documents and Settings\ostjour51\Cookies\ostjour51@atdmt[2].txt C:\Documents and Settings\ostjour51\Cookies\[email protected][1].txt C:\Documents and Settings\ostjour51\Cookies\ostjour51@adtech[1].txt C:\Documents and Settings\ostjour51\Cookies\ostjour51@2o7[2].txt C:\Documents and Settings\ostjour51\Cookies\ostjour51@tradedoubler[1].txt C:\Documents and Settings\ostjour51\Cookies\ostjour51@overture[2].txt C:\Documents and Settings\ostjour51\Cookies\[email protected][2].txt C:\Documents and Settings\ostjour51\Cookies\[email protected][1].txt Trojan.Unclassified/C00-WL HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0060DE4 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0060DE4#Asynchronous HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0060DE4#DllName HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0060DE4#Impersonate HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0060DE4#Startup HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__C0060DE4#Logon Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:05, on 2008-09-01 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe C:\Programfiler\Trend Micro\OfficeScan Client\CNTAoSMgr.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\AddOn\Fujitsu\PSUtility\TrayManager.exe C:\AddOn\Fujitsu\DispSwitch\DispSwitchLauncher.exe C:\Programfiler\Fujitsu\FUJ02E3\FUJ02E3.exe C:\AddOn\Fujitsu\SSUtility\FJSSDMN.exe C:\Programfiler\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe C:\AddOn\Fujitsu\Application Panel\QuickTouch.exe C:\Programfiler\Fujitsu\BtnHnd\BtnHnd.exe C:\Programfiler\Fingerprint Sensor\ATSwpNav.exe C:\Programfiler\Sierra Wireless Inc\3G Watcher\WaHelper.exe C:\Programfiler\iTunes\iTunesHelper.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\iPod\bin\iPodService.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Programfiler\Citrix\ICA Client\pnagent.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe C:\Programfiler\Internet Explorer\IEXPLORE.EXE C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\ostjour51.OSTLENDINGEN\Skrivebord\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ostlendingen.no/apps/pbcs.dll/forside R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [PSUtility] C:\AddOn\Fujitsu\PSUtility\TrayManager.exe O4 - HKLM\..\Run: [TvOutSwitch] C:\AddOn\Fujitsu\DispSwitch\DispSwitchLauncher.exe O4 - HKLM\..\Run: [LoadFUJ02E3] C:\Programfiler\Fujitsu\FUJ02E3\FUJ02E3.exe O4 - HKLM\..\Run: [sSUtility] C:\AddOn\Fujitsu\SSUtility\FJSSDMN.exe O4 - HKLM\..\Run: [indicatorUtility] C:\Programfiler\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe O4 - HKLM\..\Run: [LoadFujitsuQuickTouch] C:\AddOn\Fujitsu\Application Panel\QuickTouch.exe O4 - HKLM\..\Run: [LoadBtnHnd] C:\Programfiler\Fujitsu\BtnHnd\BtnHnd.exe O4 - HKLM\..\Run: [ATSwpNav] "C:\Programfiler\Fingerprint Sensor\ATSwpNav" -run O4 - HKLM\..\Run: [WatcherHelper] "C:\Programfiler\Sierra Wireless Inc\3G Watcher\WaHelper.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Program Neighborhood Agent.lnk = C:\Programfiler\Citrix\ICA Client\pnagent.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD44/JSCDL/jdk/6u...ows-i586-jc.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ostlendingen.local O17 - HKLM\Software\..\Telephony: DomainName = ostlendingen.local O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ostlendingen.local O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: FJWSEL - C:\WINDOWS\SYSTEM32\FJWSWNP.dll O20 - Winlogon Notify: PSUTY - C:\WINDOWS\SYSTEM32\PSUWNP.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: Logitech IBT Service (LvIBTSvr) - Logitech Inc. - C:\Programfiler\Fellesfiler\LogiShrd\LvIBTSvr\LvIBTSvr.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programfiler\Fellesfiler\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe O23 - Service: OfficeScan NT Proxy Service (TmProxy) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\TmProxy.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 9732 bytes > Endret 1. september 2008 av jmor Lenke til kommentar
snippsat Skrevet 1. september 2008 Del Skrevet 1. september 2008 Ser bra ut grumset ble slettet. Du kan fjerne combofix ved å skrive combofix /u fra kjør-vinduet. Denne kommandoen gjør at filer i karantene og backups blir slette. Systemgjenopprettingsmappa nullstilt etc. Og et annet spørsmål? Kan jeg bare avinstallere alle de nedlasteden programmene etter at loggen er "godkjent"?!?! Ja. Nå kan det være greit og beholde SAS og CCleaner. Du kan heller fjerne spybot. Surf trygt. Lenke til kommentar
jmor Skrevet 1. september 2008 Forfatter Del Skrevet 1. september 2008 Takker hjerteligst for hjelpen! Raskt og greit! Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå