varmeskud Intern
05 December 2007 - 18:21 There is 1 comment and 1 solution

Check my virus log files

Hi

I was recommended to read and follow this article
http://www.eksperten.dk/artikler/1123

I have now done that.
So I wanted to ask whether someone could interpret my log files and help me further :-)

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/05/2007 at 06:02 PM

Application Version : 3.7.1018

Core Rules Database Version : 3355
Trace Rules Database Version: 1354

Scan type      : Complete Scan
Total Scan Time : 03:19:35

Memory items scanned      : 448804
Memory threats detected  : 0
Registry items scanned    : 0
Registry threats detected : 0
File items scanned        : 0
File threats detected    : 0

********************************* ROOTCHK-(25-11-07)-LOG, by ejvindh
05-12-2007 18:07:22,75

The rootkits that are detected by this tool were not found.

********************************* ROOTCHK-LOG-end


catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-05 18:07:25
Windows 5.1.2600 Service Pack 2
scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

hidden processes: 0
hidden services: 0
hidden files: 0


Logfile of HijackThis v1.99.1
Scan saved at 18:06:25, on 05-12-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\sessmgr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Programmer\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Java\jre1.5.0_03\bin\jucheck.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\TerraTec\DMX 6fire\DMX6Fire.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe
C:\Programmer\Fælles filer\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrator\Skrivebord\hmm\alternativ.exe
C:\WINDOWS\SoftwareDistribution\Download\bc72a87327281a8065bc75eaa9dd4082\update\update.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.varmeskud.dk/foretrukne/1.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: DMX 6fire 2496 ControlPanel.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: RAID Manager.lnk = C:\Programmer\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1195349641171
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1195359464109
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)


ComboFix 07-12-02.6 - Administrator 2007-12-05 18:09:39.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1030.18.1550 [GMT 1:00]
Running from: C:\Documents and Settings\Administrator\Skrivebord\hmm\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((((((  Other Deletions  )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\install.exe
C:\WINDOWS\system32\uninstall.exe

.
(((((((((((((((((((((((((  Files Created from 2007-11-05 to 2007-12-05  )))))))))))))))))))))))))))))))
.

2007-12-05 18:05 . 2007-12-05 18:05    <DIR>    d--------    C:\WINDOWS\LastGood
2007-12-05 14:34 . 2007-12-05 14:42    <DIR>    d--------    C:\Programmer\SUPERAntiSpyware
2007-12-05 14:34 . 2007-12-05 14:34    <DIR>    d--------    C:\Programmer\Fælles filer\Wise Installation Wizard
2007-12-05 14:34 . 2007-12-05 14:34    <DIR>    d--------    C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2007-12-05 14:34 . 2007-12-05 14:34    <DIR>    d--------    C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2007-12-05 14:30 . 2007-12-05 14:30    <DIR>    d--------    C:\Programmer\CCleaner
2007-12-05 11:57 . 2007-12-05 11:57    <DIR>    d--------    C:\Programmer\Lavasoft
2007-12-05 11:53 . 2007-12-05 11:53    <DIR>    d--------    C:\Documents and Settings\Administrator\Application Data\SpywareBot
2007-12-05 00:18 . 2007-12-05 00:18    <DIR>    d--------    C:\WINDOWS\Sun
2007-12-05 00:18 . 2005-04-13 03:48    49,265    --a------    C:\WINDOWS\system32\jpicpl32.cpl
2007-12-05 00:17 . 2007-12-05 00:18    <DIR>    d--------    C:\Programmer\Java
2007-12-05 00:17 . 2007-12-05 00:17    <DIR>    d--------    C:\Programmer\Fælles filer\Java
2007-12-04 23:55 . 2006-03-02 13:00    13,463,552    --a--c---    C:\WINDOWS\system32\dllcache\hwxjpn.dll
2007-12-04 23:54 . 2006-03-02 13:00    2,134,528    --a--c---    C:\WINDOWS\system32\dllcache\smtpsnap.dll
2007-12-04 23:52 . 2007-12-04 23:52    749    -rah-----    C:\WINDOWS\WindowsShell.Manifest
2007-12-04 23:52 . 2007-12-04 23:52    749    -rah-----    C:\WINDOWS\system32\wuaucpl.cpl.manifest
2007-12-04 23:52 . 2007-12-04 23:52    749    -rah-----    C:\WINDOWS\system32\sapi.cpl.manifest
2007-12-04 23:52 . 2007-12-04 23:52    749    -rah-----    C:\WINDOWS\system32\nwc.cpl.manifest
2007-12-04 23:52 . 2007-12-04 23:52    749    -rah-----    C:\WINDOWS\system32\ncpa.cpl.manifest
2007-12-04 23:52 . 2007-12-04 23:52    488    -rah-----    C:\WINDOWS\system32\logonui.exe.manifest
2007-12-04 22:32 . 2007-12-04 22:32    <DIR>    d--------    C:\Programmer\MSXML 4.0
2007-12-04 22:32 . 2007-12-04 22:32    <DIR>    d--------    C:\Documents and Settings\Administrator\Application Data\Yahoo!
2007-12-04 22:30 . 2007-12-04 22:30    <DIR>    d--------    C:\Documents and Settings\Administrator\WINDOWS
2007-12-04 14:37 . 2007-12-04 22:33    <DIR>    d--------    C:\Programmer\AC3Filter
2007-12-04 14:37 . 2003-04-02 23:17    172,032    --a------    C:\WINDOWS\system32\ac3filter.cpl
2007-12-04 14:36 . 2003-03-15 23:15    90,112    --a------    C:\WINDOWS\unvise32.exe
2007-12-04 14:35 . 2007-12-04 14:35    <DIR>    d--------    C:\WINDOWS\system32\help
2007-12-04 14:35 . 2007-12-04 14:35    <DIR>    d--------    C:\Programmer\VideoLAN
2007-12-04 14:35 . 2007-12-04 14:35    <DIR>    d--------    C:\Documents and Settings\Administrator\Application Data\vlc
2007-12-04 13:14 . 2007-12-05 12:02    <DIR>    d--------    C:\Programmer\Yahoo!
2007-12-04 13:14 . 2007-12-04 22:33    <DIR>    d--------    C:\Programmer\DivX
2007-12-04 11:23 . 2007-12-04 22:32    <DIR>    d--------    C:\Programmer\XviD
2007-12-04 11:23 . 2007-12-04 11:23    63    --a------    C:\WINDOWS\wininit.ini
2007-12-04 02:33 . 2007-12-04 02:33    823,296    --a------    C:\WINDOWS\system32\divx_xx0c.dll
2007-12-04 02:33 . 2007-12-04 02:33    823,296    --a------    C:\WINDOWS\system32\divx_xx07.dll
2007-12-04 02:33 . 2007-12-04 02:33    802,816    --a------    C:\WINDOWS\system32\divx_xx11.dll
2007-12-04 02:33 . 2007-12-04 02:33    682,496    --a------    C:\WINDOWS\system32\DivX.dll
2007-12-04 02:33 . 2007-12-04 02:33    630,784    --a------    C:\WINDOWS\system32\divxdec.ax
2007-12-02 20:09 . 2007-12-02 20:12    19,555    --a------    C:\WINDOWS\hpoins01.dat
2007-12-02 20:09 . 2003-04-22 14:13    16,606    --a------    C:\WINDOWS\hpomdl01.dat
2007-12-02 00:01 . 1996-01-09 10:38    283,648    --a------    C:\WINDOWS\uninst.exe
2007-12-02 00:01 . 1996-11-06 20:11    69,632    --a------    C:\WINDOWS\RAUNINST.EXE
2007-12-02 00:00 . 2007-12-04 22:30    <DIR>    d--------    C:\WESTWOOD
2007-12-01 23:32 . 2007-12-01 23:32    <DIR>    d--------    C:\Documents and Settings\All Users.WINDOWS\Application Data\CyberLink
2007-11-29 23:30 . 2007-11-29 23:30    3,596,288    --a------    C:\WINDOWS\system32\qt-dx331.dll
2007-11-29 23:30 . 2007-11-29 23:30    1,044,480    --a------    C:\WINDOWS\system32\libdivx.dll
2007-11-29 23:30 . 2007-11-29 23:30    524,288    --a------    C:\WINDOWS\system32\DivXsm.exe
2007-11-29 23:30 . 2007-11-29 23:30    200,704    --a------    C:\WINDOWS\system32\ssldivx.dll
2007-11-29 23:30 . 2007-11-29 23:30    4,816    --a------    C:\WINDOWS\system32\divxsm.tlb
2007-11-29 23:28 . 2007-11-29 23:28    196,608    --a------    C:\WINDOWS\system32\dtu100.dll
2007-11-29 23:28 . 2007-11-29 23:28    81,920    --a------    C:\WINDOWS\system32\dpl100.dll
2007-11-29 23:28 . 2007-11-29 23:28    416    --a------    C:\WINDOWS\system32\dtu100.dll.manifest
2007-11-29 23:28 . 2007-11-29 23:28    416    --a------    C:\WINDOWS\system32\dpl100.dll.manifest
2007-11-29 09:35 . 2007-12-04 11:22    <DIR>    d--------    C:\Programmer\XP Codec Pack
2007-11-28 22:55 . 2007-11-28 22:55    156,992    --a------    C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-11-28 22:53 . 2007-11-28 22:53    593,920    --a------    C:\WINDOWS\system32\dpuGUI11.dll
2007-11-28 22:53 . 2007-11-28 22:53    352,401    --a------    C:\WINDOWS\system32\DivXMedia.ax
2007-11-28 22:53 . 2007-11-28 22:53    344,064    --a------    C:\WINDOWS\system32\dpus11.dll
2007-11-28 22:53 . 2007-11-28 22:53    294,912    --a------    C:\WINDOWS\system32\dpu11.dll
2007-11-28 22:53 . 2007-11-28 22:53    294,912    --a------    C:\WINDOWS\system32\dpu10.dll
2007-11-28 22:53 . 2007-11-28 22:53    57,344    --a------    C:\WINDOWS\system32\dpv11.dll
2007-11-28 22:53 . 2007-11-28 22:53    53,248    --a------    C:\WINDOWS\system32\dpuGUI10.dll
2007-11-28 22:52 . 2007-11-28 22:52    12,288    --a------    C:\WINDOWS\system32\DivXWMPExtType.dll
2007-11-26 21:53 . 2007-11-26 21:53    <DIR>    d--------    C:\Programmer\QuickTime
2007-11-24 17:45 . 2007-11-24 17:45    127,034    -ra------    C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
2007-11-21 20:48 . 2007-11-21 20:48    <DIR>    d--------    C:\Documents and Settings\All Users.WINDOWS\Application Data\e-Safekey
2007-11-18 18:38 . 2004-08-26 17:53    130,048    --a------    C:\WINDOWS\system32\ksproxy.ax
2007-11-18 18:38 . 2004-08-26 17:53    130,048    --a--c---    C:\WINDOWS\system32\dllcache\ksproxy.ax
2007-11-18 18:38 . 2004-08-03 23:10    85,376    --a------    C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-11-18 18:38 . 2004-08-03 23:07    52,864    --a------    C:\WINDOWS\system32\drivers\DMusic.sys
2007-11-18 18:38 . 2004-08-03 23:10    19,328    --a------    C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-11-18 18:38 . 2004-08-03 23:10    17,024    --a------    C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-11-18 18:38 . 2004-08-03 23:07    6,400    --a------    C:\WINDOWS\system32\drivers\splitter.sys
2007-11-18 18:38 . 2004-08-03 22:58    5,504    --a------    C:\WINDOWS\system32\drivers\MSTEE.sys
2007-11-18 18:37 . 2007-11-18 18:37    <DIR>    d--------    C:\Documents and Settings\All Users.WINDOWS\Application Data\ATI
2007-11-18 18:37 . 2007-11-18 18:37    <DIR>    d--------    C:\Documents and Settings\Administrator\Application Data\ATI
2007-11-18 18:37 . 2004-08-26 17:53    91,136    --a------    C:\WINDOWS\system32\kswdmcap.ax
2007-11-18 18:37 . 2004-08-26 17:53    61,952    --a------    C:\WINDOWS\system32\kstvtune.ax
2007-11-18 18:37 . 2004-08-26 17:53    54,272    --a------    C:\WINDOWS\system32\vfwwdm32.dll
2007-11-18 18:37 . 2004-08-26 17:53    43,008    --a------    C:\WINDOWS\system32\ksxbar.ax
2007-11-18 18:37 . 2004-08-26 17:53    28,672    --a------    C:\WINDOWS\system32\vidcap.ax
2007-11-18 18:37 . 2004-08-26 17:53    4,096    --a------    C:\WINDOWS\system32\ksuser.dll
2007-11-18 18:37 . 2004-08-26 17:53    4,096    --a--c---    C:\WINDOWS\system32\dllcache\ksuser.dll
2007-11-18 18:37 . 2007-11-18 18:37    0    --a------    C:\WINDOWS\ativpsrm.bin
2007-11-18 18:33 . 2007-11-18 18:35    <DIR>    d--------    C:\Programmer\ATI Technologies
2007-11-18 18:33 . 2007-09-28 21:05    593,920    --a------    C:\WINDOWS\system32\ati2sgag.exe
2007-11-18 18:33 . 2007-09-15 02:23    169,856    --a------    C:\WINDOWS\system32\drivers\atinavt2.sys
2007-11-18 18:33 . 2007-09-15 02:23    106,496    --a------    C:\WINDOWS\system32\atinppt2.ax
2007-11-18 18:33 . 2005-12-02 22:49    64,352    --a------    C:\WINDOWS\system32\drivers\ativmc01.cod
2007-11-18 13:58 . 2004-08-26 17:53    159,232    --a------    C:\WINDOWS\system32\ptpusd.dll
2007-11-18 13:58 . 2004-08-03 22:58    15,104    --a------    C:\WINDOWS\system32\drivers\usbscan.sys
2007-11-18 13:58 . 2001-10-04 17:07    5,632    --a------    C:\WINDOWS\system32\ptpusb.dll
2007-11-18 05:19 . 2007-11-18 05:26    <DIR>    d--------    C:\Programmer\Windows Live Toolbar
2007-11-18 05:16 . 2006-11-29 13:06    3,426,072    --a------    C:\WINDOWS\system32\d3dx9_32.dll
2007-11-18 05:11 . 2007-11-18 05:25    <DIR>    d--------    C:\Programmer\Windows Live
2007-11-18 05:11 . 2007-11-18 05:13    <DIR>    d--hsc---    C:\Programmer\Fælles filer\WindowsLiveInstaller
2007-11-18 05:10 . 2007-11-18 05:10    <DIR>    d--------    C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
2007-11-18 05:09 . 2007-11-18 05:09    <DIR>    d--------    C:\Documents and Settings\Administrator\Contacts
2007-11-18 05:06 . 2007-11-18 05:06    <DIR>    d--------    C:\Documents and Settings\Administrator\Application Data\BSplayer Pro
2007-11-18 05:06 . 2007-11-18 05:06    <DIR>    d--------    C:\Documents and Settings\Administrator\Application Data\BSplayer

.
((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-04 21:30    ---------    d--h--w    C:\Programmer\InstallShield Installation Information
2007-12-04 10:23    ---------    d-----w    C:\Programmer\SLD CODEC PACK 1.5.3
2007-12-01 22:32    ---------    d-----w    C:\Programmer\CyberLink
2007-11-29 22:30    9,464    ----a-w    C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-11-29 22:30    9,336    ----a-w    C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-11-29 22:30    43,528    ----a-w    C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-11-29 22:30    129,784    ----a-w    C:\WINDOWS\system32\pxafs.dll
2007-11-29 22:30    120,056    ----a-w    C:\WINDOWS\system32\pxcpyi64.exe
2007-11-29 22:30    118,520    ----a-w    C:\WINDOWS\system32\pxinsi64.exe
2007-11-29 08:30    ---------    d-----w    C:\Programmer\Matroska Pack
2007-11-18 04:15    ---------    d-----w    C:\Programmer\MSN Messenger
2007-11-18 04:00    ---------    d-----w    C:\Programmer\Fælles filer\Logitech
2007-10-27 16:10    ---------    d-----w    C:\Programmer\microsoft frontpage
2007-10-27 16:10    ---------    d-----w    C:\Documents and Settings\Kim p\Application Data\Microsoft Web Folders
2007-10-26 14:42    ---------    d-----w    C:\Programmer\Whisper Technology
2007-10-25 17:05    94,416    ----a-w    C:\WINDOWS\system32\drivers\aswmon2.sys
2007-10-25 17:05    93,264    ----a-w    C:\WINDOWS\system32\drivers\aswmon.sys
2007-10-25 17:03    23,152    ----a-w    C:\WINDOWS\system32\drivers\aswRdr.sys
2007-10-25 17:01    42,912    ----a-w    C:\WINDOWS\system32\drivers\aswTdi.sys
2007-10-25 16:58    26,624    ----a-w    C:\WINDOWS\system32\drivers\aavmker4.sys
2007-10-25 16:24    815,480    ----a-w    C:\WINDOWS\system32\aswBoot.exe
2007-10-25 16:14    95,608    ----a-w    C:\WINDOWS\system32\AVASTSS.scr
2007-10-21 12:26    ---------    d-----w    C:\Programmer\Google
2007-10-19 20:29    ---------    d-----w    C:\Programmer\PENTAX
2007-10-18 14:51    ---------    d-----w    C:\Documents and Settings\Kim p\Application Data\Logitech
2007-10-18 14:51    ---------    d-----w    C:\Documents and Settings\Kim p\Application Data\CyberLink
2007-10-18 10:31    51,224    ----a-w    C:\WINDOWS\system32\sirenacm.dll
2007-10-16 17:16    ---------    d-----w    C:\Documents and Settings\Kim p\Application Data\AdobeUM
2007-10-16 17:15    ---------    d-----w    C:\Programmer\Fælles filer\Adobe
2007-10-13 15:58    ---------    d-----w    C:\Programmer\Onlinetjenester
2007-10-13 11:56    ---------    d-----w    C:\Programmer\MUSICMATCH
2007-10-13 11:55    ---------    d-----w    C:\Programmer\Logitech
2007-10-13 11:51    ---------    d-----w    C:\Programmer\Fælles filer\InstallShield
2007-10-12 20:49    ---------    d-----w    C:\Programmer\Hewlett-Packard
2007-10-12 20:49    ---------    d-----w    C:\Programmer\Fælles filer\Hewlett-Packard
2007-10-12 20:48    ---------    d-----w    C:\Programmer\Webteh
2007-10-12 20:47    ---------    d-----w    C:\Programmer\Alwil Software
2007-10-11 18:06    ---------    d-----w    C:\Programmer\Fælles filer\SpeechEngines
2007-10-11 18:06    ---------    d-----w    C:\Programmer\Fælles filer\ODBC
2007-10-11 17:29    ---------    d-----w    C:\Programmer\TerraTec
2007-10-11 17:28    ---------    d-----w    C:\Programmer\ITE
2007-10-11 17:26    ---------    d-----w    C:\Programmer\Intel
2007-10-11 17:24    ---------    d-----w    C:\Programmer\bundkort
2007-10-11 17:22    ---------    d-----w    C:\Programmer\WinXP
2007-10-11 17:22    ---------    d-----w    C:\Programmer\Win2003
2007-10-11 17:22    ---------    d-----w    C:\Programmer\Marvell
2007-10-11 17:22    ---------    d-----w    C:\Programmer\2000
2007-10-11 17:11    ---------    d-----w    C:\Programmer\Fælles filer\Tjenester
2007-10-11 17:11    ---------    d-----w    C:\Programmer\Fælles filer\MSSoap
2007-09-29 03:21    9,854,976    ----a-w    C:\WINDOWS\system32\atioglx2.dll
2007-09-29 03:07    356,352    ----a-w    C:\WINDOWS\system32\ATIDEMGX.dll
2007-09-29 03:06    268,800    ----a-w    C:\WINDOWS\system32\ati2dvag.dll
2007-09-29 02:58    43,520    ----a-w    C:\WINDOWS\system32\ati2edxx.dll
2007-09-29 02:58    26,112    ----a-w    C:\WINDOWS\system32\Ati2mdxx.exe
2007-09-29 02:58    143,360    ----a-w    C:\WINDOWS\system32\atipdlxx.dll
2007-09-29 02:58    122,880    ----a-w    C:\WINDOWS\system32\Oemdspif.dll
2007-09-29 02:57    122,880    ----a-w    C:\WINDOWS\system32\ati2evxx.dll
2007-09-29 02:56    483,328    ----a-w    C:\WINDOWS\system32\ati2evxx.exe
2007-09-29 02:55    53,248    ----a-w    C:\WINDOWS\system32\ATIDDC.DLL
2007-09-29 02:49    307,200    ----a-w    C:\WINDOWS\system32\atiiiexx.dll
2007-09-29 02:47    3,130,720    ----a-w    C:\WINDOWS\system32\ati3duag.dll
2007-09-29 02:47    172,032    ----a-w    C:\WINDOWS\system32\atiok3x2.dll
2007-09-29 02:36    1,593,600    ----a-w    C:\WINDOWS\system32\ativvaxx.dll
2007-09-29 02:23    5,435,392    ----a-w    C:\WINDOWS\system32\atioglxx.dll
2007-09-29 02:22    376,832    ----a-w    C:\WINDOWS\system32\atikvmag.dll
2007-09-29 02:20    17,408    ----a-w    C:\WINDOWS\system32\atitvo32.dll
2007-09-29 02:14    499,712    ----a-w    C:\WINDOWS\system32\ati2cqag.dll
2004-11-19 06:24    5,796    ----a-r    C:\Programmer\SetupYukonWin.htm
2004-11-19 06:24    3,714    ----a-r    C:\Programmer\SetupYukonWin.txt
2004-11-19 06:24    11,254,554    ----a-r    C:\Programmer\SetupYukonWin.exe
.

(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00]
"LDM"="C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" []
"MsnMsgr"="C:\Programmer\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"MSMSGS"="C:\Programmer\Messenger\msmsgs.exe" [2004-10-13 17:24]
"SUPERAntiSpyware"="C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-04-23 15:46]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-10-25 17:20]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 12:03 C:\WINDOWS\KHALMNPR.Exe]
"StartCCC"="C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35]
"QuickTime Task"="C:\Programmer\QuickTime\qttask.exe" [2007-11-26 21:53]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.5.0_03\bin\jusched.exe" [2005-04-13 03:48]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00]

C:\Documents and Settings\All Users.WINDOWS\Menuen Start\Programmer\Start\
DMX 6fire 2496 ControlPanel.lnk - C:\Programmer\TerraTec\DMX 6fire\DMX6Fire.exe [2007-11-18 18:52:13]
hpoddt01.exe.lnk - C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-09 17:11:12]
Logitech Desktop Messenger.lnk - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-11-24 17:45:37]
Logitech SetPoint.lnk - C:\Programmer\Logitech\SetPoint\SetPoint.exe [2007-11-18 05:00:40]
RAID Manager.lnk - C:\Programmer\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe [2007-10-11 18:28:34]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmer\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programmer\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Programmer\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Menuen Start^Programmer^Start^VersionTrackerPro.lnk]
path=C:\Documents and Settings\Administrator\Menuen Start\Programmer\Start\VersionTrackerPro.lnk
backup=C:\WINDOWS\pss\VersionTrackerPro.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menuen Start^Programmer^Start^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Menuen Start\Programmer\Start\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-10-10 18:51    39792    --a------    C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe

R0 iteraid;ITERAID_Service_Install;C:\WINDOWS\system32\DRIVERS\iteraid.sys
R3 dmxfire;DMX6fire WDM Audio;C:\WINDOWS\system32\drivers\dmx6fire.sys
R3 dmxsens;dmxsens;C:\WINDOWS\system32\drivers\dmxsens.sys

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2007-12-05 10:53:47 C:\WINDOWS\Tasks\SpywareBot Scheduled Scan.job"
- C:\Programmer\SpywareBot\SpywareBot.ex
- C:\Programmer\SpywareBot
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-05 18:10:56
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2007-12-05 18:11:55
.
    --- E O F ---

arlet Junior Master
06 December 2007 - 08:49 #1
That was a heavy round to get through, but no suspicious things in those logs..

Was it a check-up or were there some problems??

varmeskud Intern
15 December 2007 - 19:33 #2
Hi

Sorry I haven't replied.
But I hadn't received any notifications by email that something had been written.

I had problems with it not showing icons, and a text document was constantly being created on the PC.
But after I ran through the whole guide it has stopped, so no problem.

Thanks for taking the time to check it through.

Regards, Kim