Can anyone read these log files?
Hi. My computer kept shutting down, so I reinstalled Windows Vista with the CD that came with it. I still think it is behaving a little strangely, so I have followed this thread:
http://www.eksperten.dk/artikler/1123
Now I would like to ask for a little help reading these log files! Is there any junk in them? And can it be removed?
Many thanks in advance!
Regards,
Martin Henriksen
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 01/23/2008 at 01:45 PM
Application Version : 3.7.1018
Core Rules Database Version : 3222
Trace Rules Database Version: 1233
Scan type : Complete Scan
Total Scan Time : 01:32:56
Memory items scanned : 219
Memory threats detected : 0
Registry items scanned : 5014
Registry threats detected : 0
File items scanned : 117322
File threats detected : 0
Logfile of HijackThis v1.99.1
Scan saved at 14:36:07, on 23-01-2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Martin\Desktop\Clean\alternativ.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
********************************* ROOTCHK-(28-12-07)-LOG, by ejvindh
23-01-2008 11:29:25,99
The rootkits that are detected by this tool were not found.
********************************* ROOTCHK-LOG-end
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-23 11:29:26
Windows 6.0.6000
scanning hidden processes ...
IPC error: 2 Den angivne fil blev ikke fundet.
scanning hidden services & system hive ...
IPC error: 2 Den angivne fil blev ikke fundet.
scanning hidden registry entries ...
scanning hidden files ...
IPC error: 2 Den angivne fil blev ikke fundet.
hidden processes: 0
hidden services: 0
hidden files: 0
ComboFix 08-01-23.1 - Martin 2008-01-23 14:42:08.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1030.18.1361 [GMT 1:00]
Running from: C:\Users\Martin\Desktop\Clean\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2007-12-23 to 2008-01-23 )))))))))))))))))))))))))))))))
.
2008-01-23 14:40 . 2000-08-31 08:00 51,200 --a------ C:\Windows\Nircmd.exe
2008-01-23 14:37 . 2008-01-23 14:38 152,065,712 --a------ C:\Windows\MEMORY.DMP
2008-01-23 11:32 . 2008-01-23 12:12 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-01-23 07:44 . 2008-01-22 22:53 <DIR> d-------- C:\Windows\Panther
2008-01-23 07:42 . 2008-01-23 14:27 485,600 --a------ C:\Windows\System32\perfh006.dat
2008-01-23 07:42 . 2008-01-23 07:41 300,302 --a------ C:\Windows\System32\perfi006.dat
2008-01-23 07:42 . 2008-01-23 14:27 80,288 --a------ C:\Windows\System32\perfc006.dat
2008-01-23 07:42 . 2008-01-23 07:41 36,364 --a------ C:\Windows\System32\perfd006.dat
2008-01-23 07:41 . 2008-01-23 07:41 <DIR> d-------- C:\Windows\System32\drivers\da-DK
2008-01-23 07:41 . 2008-01-23 07:41 <DIR> d-------- C:\Windows\System32\da
2008-01-23 07:41 . 2008-01-23 07:41 <DIR> d-------- C:\Windows\da-DK
2008-01-23 07:26 . 2008-01-23 07:26 <DIR> d-------- C:\Windows.old.000
2008-01-23 00:58 . 2008-01-23 00:58 <DIR> d-------- C:\Windows\System32\Macromed
2008-01-23 00:36 . 2008-01-23 00:36 0 --a------ C:\Windows\nsreg.dat
2008-01-23 00:26 . 2008-01-23 00:26 <DIR> d-------- C:\Program Files\Lavasoft
2008-01-23 00:25 . 2008-01-23 11:33 <DIR> d--hs---- C:\Windows\Installer
2008-01-23 00:25 . 2008-01-23 11:32 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-23 00:19 . 2008-01-23 00:22 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-01-23 00:18 . 2008-01-23 00:18 <DIR> d-------- C:\Program Files\CCleaner
2008-01-23 00:07 . 2008-01-23 00:07 <DIR> d-------- C:\Windows\System32\ZoneLabs
2008-01-23 00:07 . 2007-06-04 05:24 1,087,216 --a------ C:\Windows\System32\zpeng24.dll
2008-01-23 00:06 . 2008-01-23 14:37 350,468 --ah----- C:\Windows\System32\drivers\vsconfig.xml
2008-01-23 00:06 . 2007-06-04 05:28 270,488 --a------ C:\Windows\System32\drivers\vsdatant.sys
2008-01-23 00:05 . 2008-01-23 14:40 <DIR> d-------- C:\Windows\Internet Logs
2008-01-22 23:29 . 2008-01-22 23:29 376,320 --a------ C:\Windows\System32\winsrv.dll
2008-01-22 23:29 . 2008-01-22 23:29 205,824 --a------ C:\Windows\System32\msoeacct.dll
2008-01-22 23:29 . 2008-01-22 23:29 87,040 --a------ C:\Windows\System32\msoert2.dll
2008-01-22 23:29 . 2008-01-22 23:29 49,664 --a------ C:\Windows\System32\csrsrv.dll
2008-01-22 23:29 . 2008-01-22 23:29 39,424 --a------ C:\Windows\System32\ACCTRES.dll
2008-01-22 23:28 . 2008-01-22 23:28 804,352 --a------ C:\Windows\System32\drivers\tcpip.sys
2008-01-22 23:28 . 2008-01-22 23:28 217,272 --a------ C:\Windows\System32\drivers\netio.sys
2008-01-22 23:28 . 2008-01-22 23:28 167,424 --a------ C:\Windows\System32\tcpipcfg.dll
2008-01-22 23:28 . 2008-01-22 23:28 24,064 --a------ C:\Windows\System32\netcfg.exe
2008-01-22 23:28 . 2008-01-22 23:28 22,016 --a------ C:\Windows\System32\netiougc.exe
2008-01-22 23:26 . 2008-01-22 23:26 8,147,968 --a------ C:\Windows\System32\wmploc.DLL
2008-01-22 23:26 . 2008-01-22 23:26 7,680 --a------ C:\Windows\System32\spwmp.dll
2008-01-22 23:26 . 2008-01-22 23:26 4,096 --a------ C:\Windows\System32\msdxm.ocx
2008-01-22 23:26 . 2008-01-22 23:26 4,096 --a------ C:\Windows\System32\dxmasf.dll
2008-01-22 23:25 . 2008-01-22 23:25 1,191,936 --a------ C:\Windows\System32\msxml3.dll
2008-01-22 23:25 . 2008-01-22 23:25 104,448 --a------ C:\Windows\System32\DWWIN.EXE
2008-01-22 23:25 . 2008-01-22 23:25 2,048 --a------ C:\Windows\System32\msxml3r.dll
2008-01-22 23:24 . 2008-01-22 23:24 1,335,296 --a------ C:\Windows\System32\msxml6.dll
2008-01-22 23:24 . 2008-01-22 23:24 1,327,104 --a------ C:\Windows\System32\quartz.dll
2008-01-22 23:24 . 2008-01-22 23:24 223,232 --a------ C:\Windows\System32\WMASF.DLL
2008-01-22 23:24 . 2008-01-22 23:24 9,728 --a------ C:\Windows\System32\LAPRXY.DLL
2008-01-22 23:24 . 2008-01-22 23:24 2,048 --a------ C:\Windows\System32\msxml6r.dll
2008-01-22 23:24 . 2008-01-22 23:24 2,048 --a------ C:\Windows\System32\asferror.dll
2008-01-22 23:23 . 2008-01-22 23:23 737,792 --a------ C:\Windows\System32\inetcomm.dll
2008-01-22 23:23 . 2008-01-22 23:23 84,480 --a------ C:\Windows\System32\INETRES.dll
2008-01-22 23:23 . 2008-01-22 23:23 11,776 --a------ C:\Windows\System32\sbunattend.exe
2008-01-22 23:21 . 2008-01-22 23:21 3,504,824 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-01-22 23:20 . 2008-01-22 23:20 750,080 --a------ C:\Windows\System32\qmgr.dll
2008-01-22 23:11 . 2008-01-22 17:45 <DIR> d-------- C:\Windows.old
2008-01-22 23:08 . 2008-01-22 23:08 1,712,984 --a------ C:\Windows\System32\wuaueng.dll
2008-01-22 23:08 . 2008-01-22 23:08 1,524,224 --a------ C:\Windows\System32\wucltux.dll
2008-01-22 23:08 . 2008-01-22 23:08 53,080 --a------ C:\Windows\System32\wuauclt.exe
2008-01-22 23:08 . 2008-01-22 23:08 43,352 --a------ C:\Windows\System32\wups2.dll
2008-01-22 23:07 . 2008-01-22 23:07 549,720 --a------ C:\Windows\System32\wuapi.dll
2008-01-22 23:07 . 2008-01-22 23:07 80,896 --a------ C:\Windows\System32\wudriver.dll
2008-01-22 23:07 . 2008-01-22 23:07 33,624 --a------ C:\Windows\System32\wups.dll
2008-01-22 23:06 . 2008-01-22 23:06 163,000 --a------ C:\Windows\System32\wuwebv.dll
2008-01-22 23:06 . 2008-01-22 23:06 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-01-22 22:48 . 2008-01-23 00:25 <DIR> d-------- C:\Windows\Debug
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-23 06:41 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-01-23 06:41 --------- d-----w C:\Program Files\Windows Journal
2008-01-23 06:41 --------- d-----w C:\Program Files\Windows Defender
2008-01-23 06:41 --------- d-----w C:\Program Files\Windows Collaboration
2008-01-23 06:41 --------- d-----w C:\Program Files\Windows Calendar
2008-01-22 23:19 9,216 ----a-w C:\Windows\System32\avgwlntf.dll
2008-01-22 23:19 55,304 ----a-w C:\Windows\system32\drivers\avgwfp.sys
2008-01-22 23:19 499,712 ----a-w C:\Windows\System32\msvcp71.dll
2008-01-22 23:19 348,160 ----a-w C:\Windows\System32\msvcr71.dll
2008-01-22 22:38 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-22 22:38 --------- d-----w C:\Program Files\Windows Mail
2008-01-22 22:27 86,016 ----a-w C:\Windows\System32\icfupgd.dll
2008-01-22 22:27 63,488 ----a-w C:\Windows\system32\drivers\mpsdrv.sys
2008-01-22 22:27 61,952 ----a-w C:\Windows\System32\cmifw.dll
2008-01-22 22:27 414,208 ----a-w C:\Windows\System32\msscp.dll
2008-01-22 22:27 396,800 ----a-w C:\Windows\System32\MPSSVC.dll
2008-01-22 22:27 392,192 ----a-w C:\Windows\System32\FirewallAPI.dll
2008-01-22 22:27 374,456 ----a-w C:\Windows\System32\mcupdate_GenuineIntel.dll
2008-01-22 22:27 23,040 ----a-w C:\Windows\system32\drivers\tunnel.sys
2008-01-22 22:27 178,688 ----a-w C:\Windows\System32\iphlpsvc.dll
2008-01-22 22:27 16,896 ----a-w C:\Windows\System32\wfapigp.dll
2008-01-22 22:27 15,360 ----a-w C:\Windows\system32\drivers\TUNMP.SYS
2008-01-22 22:22 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-01-22 22:22 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-01-22 22:22 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-01-22 22:22 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-01-22 22:21 84,992 ----a-w C:\Windows\system32\drivers\srvnet.sys
2008-01-22 22:21 788,992 ----a-w C:\Windows\System32\rpcrt4.dll
2008-01-22 22:21 633,856 ----a-w C:\Windows\System32\user32.dll
2008-01-22 22:21 58,368 ----a-w C:\Windows\system32\drivers\mrxsmb20.sys
2008-01-22 22:21 5,120 ----a-w C:\Windows\System32\wmi.dll
2008-01-22 22:21 3,470,520 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-01-22 22:21 2,026,496 ----a-w C:\Windows\System32\win32k.sys
2008-01-22 22:21 152,576 ----a-w C:\Windows\System32\imagehlp.dll
2008-01-22 22:21 130,048 ----a-w C:\Windows\system32\drivers\srv2.sys
2008-01-22 22:21 12,800 ----a-w C:\Windows\system32\drivers\fs_rec.sys
2008-01-22 22:21 101,888 ----a-w C:\Windows\system32\drivers\mrxsmb.sys
2008-01-22 22:04 --------- d-sh--w C:\Program Files\Fælles filer
2007-12-14 10:32 12,632 ----a-w C:\Windows\System32\lsdelete.exe
2006-11-02 12:50 174 --sha-w C:\Program Files\desktop.ini
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-22 23:23 1232896]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-04-23 15:46 1318128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-02 13:34 1004136]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-04 05:24 960240]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-23 00:19 579072]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-23 00:19 219136]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 2008-01-23 00:19 9216 C:\Windows\System32\avgwlntf.dll
R3 AvgWFP;AVG7 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfp.sys [2008-01-23 00:19]
R3 BCM43XV;Driver til Broadcom Extensible 802.11-netværkskort;C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 08:30]
S3 viaagp;VIA AGP Bus Filter;C:\Windows\system32\drivers\viaagp.sys [2006-11-02 10:49]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
*Newly Created Service* - PROCEXP90
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-23 14:45:34
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-23 14:46:47
.
2008-01-22 22:30:04 --- E O F ---
End!
