pr0xZen Skrevet 7. september 2008 Rapporter Del Skrevet 7. september 2008 Trenger kyndig hjelp gjennomgang av 2 sett logger. Her er stasjonæren - laptop følger i egen tråd. Har hatt endel småproblemer tidligere, og nylig dukket upp noe msn-spam saker i huset. Vet ikke om jeg ble kvitt det. MBAM-logg Klikk for å se/fjerne innholdet nedenfor Malwarebytes' Anti-Malware 1.26Database versjon: 1122 Windows 5.1.2600 Service Pack 1 07.09.2008 16:00:55 mbam-log-2008-09-07 (16-00-55).txt Skanntype: Rask Skann Objekter skannet: 50867 Tid tilbakelagt: 1 minute(s), 51 second(s) Minneprosesser infisert: 0 Minnemoduler infisert: 0 Registernøkler infisert: 0 Registerverdier infisert: 0 Registerfiler infisert: 1 Mapper infisert: 0 Filer infisert: 0 Minneprosesser infisert: (Ingen mistenkelige filer funnet) Minnemoduler infisert: (Ingen mistenkelige filer funnet) Registernøkler infisert: (Ingen mistenkelige filer funnet) Registerverdier infisert: (Ingen mistenkelige filer funnet) Registerfiler infisert: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Mapper infisert: (Ingen mistenkelige filer funnet) Filer infisert: (Ingen mistenkelige filer funnet) Combofix logg Klikk for å se/fjerne innholdet nedenfor ComboFix 08-09-05.03 - Smiley 2008-09-07 16:03:16.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.1.1252.1.1044.18.487 [GMT 2:00] Running from: E:\Nedlastinger\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Administrator\Lokale innstillinger\Programdata\Microsoft\Windows Media\10.0\WMSDKNSD.XML C:\Documents and Settings\Cecilie\Cookies\cecilie@bizrate[2].txt C:\WINDOWS\system32\drivers\npf.sys C:\WINDOWS\system32\packet.dll C:\WINDOWS\system32\pthreadVC.dll C:\WINDOWS\system32\wpcap.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_NPF -------\Service_NPF ((((((((((((((((((((((((( Files Created from 2008-08-07 to 2008-09-07 ))))))))))))))))))))))))))))))) . 2008-09-07 15:56 . 2008-09-07 15:56 <DIR> d-------- C:\Programfiler\Malwarebytes' Anti-Malware 2008-09-07 15:56 . 2008-09-07 15:56 <DIR> d-------- C:\Documents and Settings\Smiley\Programdata\Malwarebytes 2008-09-07 15:56 . 2008-09-07 15:56 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Malwarebytes 2008-09-07 15:56 . 2008-09-02 00:16 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2008-09-07 15:56 . 2008-09-02 00:16 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-09-07 15:49 . 2008-09-07 16:01 <DIR> dr-h----- C:\Documents and Settings\Smiley\Siste 2008-09-07 15:46 . 2008-09-07 15:46 <DIR> d-------- C:\Programfiler\CCleaner 2008-08-30 16:58 . 2008-09-01 22:39 98 --a------ C:\WINDOWS\unpack.bat 2008-08-30 16:56 . 2005-12-14 23:23 29,696 --a------ C:\WINDOWS\UnpackCL.exe 2008-08-14 19:23 . 2008-08-14 19:23 <DIR> d-------- C:\Programfiler\Fellesfiler\eSellerate 2008-08-14 19:23 . 2008-08-14 19:23 <DIR> d-------- C:\Programfiler\docXConverter3 2008-08-14 19:23 . 2008-08-14 19:23 360,580 --a------ C:\WINDOWS\eSellerateEngine.dll 2008-08-14 19:23 . 2008-08-14 19:24 132 --ah----- C:\Documents and Settings\Smiley\Programdata\lakerda1967.sys 2008-08-13 04:57 . 2008-09-07 16:06 1,461,611 --a------ C:\WINDOWS\system32\oodbs.lor 2008-08-13 04:53 . 2008-08-13 04:53 0 --a------ C:\WINDOWS\oodcnt.INI 2008-08-13 04:52 . 2008-08-17 23:38 <DIR> d-------- C:\WINDOWS\system32\oodag 2008-08-13 04:50 . 2008-08-13 04:50 <DIR> d-------- C:\Programfiler\OO Software 2008-08-10 20:17 . 2002-08-29 02:01 134,272 --a------ C:\WINDOWS\system32\drivers\portcls.sys 2008-08-10 20:17 . 2002-08-29 02:01 134,272 --a--c--- C:\WINDOWS\system32\dllcache\portcls.sys 2008-08-10 20:17 . 2002-08-29 01:32 57,856 --a------ C:\WINDOWS\system32\drivers\drmk.sys 2008-08-10 20:17 . 2002-08-29 01:32 57,856 --a--c--- C:\WINDOWS\system32\dllcache\drmk.sys 2008-08-09 23:38 . 2008-08-10 00:43 94,208 --a------ C:\WINDOWS\ScUnin.exe 2008-08-09 23:38 . 2008-08-10 00:43 29,488 --a------ C:\WINDOWS\scunin.dat 2008-08-09 23:38 . 2008-08-10 00:43 967 --a------ C:\WINDOWS\ScUnin.pif . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-07 14:04 --------- d-----w C:\Documents and Settings\Smiley\Programdata\uTorrent 2008-09-07 00:34 --------- d-----w C:\Programfiler\DC++ 2008-09-06 21:06 --------- d-----w C:\Programfiler\Paint Shop Pro 6 2008-08-05 14:58 --------- d-----w C:\Documents and Settings\Smiley\Programdata\GrabIt 2008-08-05 14:57 --------- d-----w C:\Documents and Settings\Smiley\Programdata\mIRC 2008-08-05 14:24 --------- d-----w C:\Programfiler\mIRC 2008-08-05 13:43 --------- d-----w C:\Programfiler\NewsBin 2008-08-05 13:43 --------- d-----w C:\Documents and Settings\All Users\Programdata\NewsBin 2008-08-05 13:06 --------- d-----w C:\Programfiler\GrabIt 2008-08-01 21:44 --------- d-----w C:\Programfiler\Resize Pictures Plus 2008-07-18 08:12 --------- d-----w C:\Documents and Settings\Cecilie\Programdata\LockTime 2008-07-13 22:46 --------- d-----w C:\Documents and Settings\Smiley\Programdata\Skype . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MessengerPlus3"="C:\Programfiler\MessengerPlus! 3\MsgPlus.exe" [2006-09-30 190024] "H/PC Connection Agent"="C:\Programfiler\Microsoft ActiveSync\wcescomm.exe" [2006-06-27 1211176] "swg"="C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-24 68856] "DAEMON Tools"="C:\Programfiler\DAEMON Tools\daemon.exe" [2007-12-06 167368] "CTZDetec.exe"="C:\Programfiler\Creative\Creative Media Lite\CTZDetec.exe" [2007-12-18 401408] "Steam"="d:\games\steam\steam.exe" [2008-03-28 1271032] "msnmsgr"="C:\Programfiler\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AudioHQ"="C:\Programfiler\Creative\SBPCI5122K\AudioHQ\AHQTB.EXE" [1999-11-30 204800] "DU Meter"="C:\Programfiler\DU Meter\DUMeter.exe" [2001-11-28 1123328] "NeroFilterCheck"="C:\WINDOWS\System32\NeroCheck.exe" [2001-07-09 155648] "DAEMON Tools-1033"="C:\Programfiler\D-Tools\daemon.exe" [2004-08-22 81920] "MessengerPlus3"="C:\Programfiler\MessengerPlus! 3\MsgPlus.exe" [2006-09-30 190024] "pdfFactory Pro Dispatcher v2"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2004-08-25 442368] "ISUSPM Startup"="C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184] "ISUSScheduler"="C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2004-06-16 81920] "SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496] "!AVG Anti-Spyware"="C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312] "SSBkgdUpdate"="C:\Programfiler\Fellesfiler\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648] "PaperPort PTD"="C:\Programfiler\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-18 57393] "IndexSearch"="C:\Programfiler\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-18 40960] "BrMfcWnd"="C:\Programfiler\Brother\Brmfcmon\BrMfcWnd.exe" [2006-03-28 622592] "SetDefPrt"="C:\Programfiler\Brother\Brmfl06a\BrStDvPt.exe" [2005-01-26 49152] "ControlCenter3"="C:\Programfiler\Brother\ControlCenter3\brctrcen.exe" [2006-04-10 61440] "Adobe Reader Speed Launcher"="C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2007-12-05 8523776] "NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2007-12-05 81920] "RivaTunerStartupDaemon"="C:\Programfiler\RivaTuner v2.06\RivaTuner.exe" [2007-10-30 2650112] "QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2006-09-01 282624] "MBBalloon"="C:\Programfiler\HOTALBUMMyBOX\MBBalloon.exe" [2007-12-21 791392] "PCSuiteTrayApplication"="C:\Programfiler\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 222208] "OODefragTray"="C:\WINDOWS\System32\oodtray.exe" [2007-05-11 2512392] "MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2002-09-09 145408] "nwiz"="nwiz.exe" [2007-12-05 C:\WINDOWS\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "PcSync"="C:\Programfiler\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 1634304] C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\ Adobe Gamma Loader.lnk - C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe [2008-04-28 113664] BTTray.lnk - C:\Programfiler\WIDCOMM\Bluetooth-programvare\BTTray.exe [2004-01-20 507965] MediaChecker.lnk - C:\Programfiler\HOTALBUMMyBOX\MediaChecker.exe [2007-12-21 917344] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoBandCustomize"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.g723"= g723.acm "vidc.I263"= I263_32.drv "SENTINEL"= snti386.dll "aux"= ctwdm32.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe] --a------ 2006-05-08 06:17 81920 C:\PROGRA~1\Sony\SONICS~1\SSAAD.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg] --a------ 1999-11-12 02:00 86016 C:\WINDOWS\Updreg.exe R0 PzWDM;PzWDM;C:\WINDOWS\System32\Drivers\PzWDM.sys [2008-04-20 15172] R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;C:\WINDOWS\System32\DRIVERS\SI3112r.sys [2004-08-27 97920] R1 aswSP;avast! Self Protection;C:\WINDOWS\System32\drivers\aswSP.sys [2008-07-19 78416] R2 COSIDS_TB;COSIDS_TB;D:\APPZ\COSIDS\BIN\TbMux32.exe [2001-11-20 165376] R2 DLPortIO;DriverLINX Port I/O Driver;C:\WINDOWS\System32\drivers\DLPortIO.sys [1996-09-27 3584] S2 Fswsclds;F-Secure Windows Security Center Legacy Detection Service;C:\Programfiler\F-Secure Anti-Virus\fswsclds.exe [ ] S3 fsbl;F-Secure BlackLight Engine Driver;C:\DOCUME~1\ADMINI~1\LOKALE~1\Temp\OnlineScanner\Anti-Virus\fsbldrv.sys [ ] S3 P1120VID;Creative WebCam NX Ultra;C:\WINDOWS\System32\DRIVERS\P1120Vid.sys [2004-01-12 1252474] S3 vim;vim;C:\WINDOWS\System32\drivers\vim.sys [2005-02-08 5248] Unknown2 canio;canio;C:\WINDOWS\System32\canio.sys [2002-07-14 3441] *Newly Created Service* - ALG *Newly Created Service* - IPNAT . Contents of the 'Scheduled Tasks' folder . - - - - ORPHANS REMOVED - - - - WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) HKLM-Run-cc2_config - C:\Programfiler\CrystalControl2\cc2-config\cc2_config.exe HKLM-Run-POINTER - point32.exe . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\Smiley\Programdata\Mozilla\Firefox\Profiles\w7wb89iz.default\ FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/ . . ------- File Associations (Beta) ------- . regfile=regedit.exe "%1" %* scrfile="%1" %* . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-07 16:07:05 Windows 5.1.2600 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\WINDOWS\system32\lsass.exe -> C:\Programfiler\NetLimiter\nl_lsp.dll -> C:\WINDOWS\system32\nl_msgc.dll . ------------------------ Other Running Processes ------------------------ . C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe C:\Programfiler\Alwil Software\Avast4\ashServ.exe C:\Programfiler\GRISOFT\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\devldr32.exe C:\Programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe C:\WINDOWS\system32\CTSVCCDA.EXE C:\Programfiler\Creative\Shared Files\CTDevSrv.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\spnsrvnt.exe C:\WINDOWS\system32\wdfmgr.exe C:\Programfiler\Microsoft Hardware\Mouse\point32.exe C:\WINDOWS\system32\rundll32.exe C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe C:\PROGRA~1\MICROS~4\rapimgr.exe C:\Programfiler\PC Connectivity Solution\ServiceLayer.exe C:\Programfiler\MSN Messenger\usnsvc.exe . ************************************************************************** . Completion time: 2008-09-07 16:11:18 - machine was rebooted ComboFix-quarantined-files.txt 2008-09-07 14:11:12 Pre-Run: 1,379,041,280 byte ledig Post-Run: 1,437,114,368 byte ledig 191 Hijackthis logg Klikk for å se/fjerne innholdet nedenfor Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:15:12, on 07.09.2008 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe C:\Programfiler\Alwil Software\Avast4\ashServ.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\devldr32.exe C:\Programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe D:\APPZ\COSIDS\BIN\TbMux32.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Programfiler\Creative\Shared Files\CTDevSrv.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\oodag.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\spnsrvnt.exe C:\Programfiler\Creative\SBPCI5122K\AudioHQ\AHQTB.EXE C:\Programfiler\DU Meter\DUMeter.exe C:\Programfiler\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe C:\Programfiler\Microsoft Hardware\Mouse\point32.exe C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Programfiler\ScanSoft\PaperPort\pptd40nt.exe C:\Programfiler\Brother\Brmfcmon\BrMfcWnd.exe C:\WINDOWS\System32\RUNDLL32.EXE C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe C:\Programfiler\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\WINDOWS\System32\oodtray.exe C:\Programfiler\Microsoft ActiveSync\wcescomm.exe C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programfiler\DAEMON Tools\daemon.exe C:\Programfiler\Creative\Creative Media Lite\CTZDetec.exe D:\games\steam\steam.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\PROGRA~1\MICROS~4\rapimgr.exe C:\Programfiler\WIDCOMM\Bluetooth-programvare\BTTray.exe C:\Programfiler\HOTALBUMMyBOX\MediaChecker.exe C:\Programfiler\PC Connectivity Solution\ServiceLayer.exe C:\Programfiler\MSN Messenger\usnsvc.exe C:\WINDOWS\explorer.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Appz\TotCmd\TOTALCMD.EXE C:\Documents and Settings\Smiley\Skrivebord\Spyware logger\x\test1.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: WebCGMHlprObj Class - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\WINDOWS\cgmopenbho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programfiler\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar1.dll O4 - HKLM\..\Run: [AudioHQ] C:\Programfiler\Creative\SBPCI5122K\AudioHQ\AHQTB.EXE O4 - HKLM\..\Run: [DU Meter] C:\Programfiler\DU Meter\DUMeter.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programfiler\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programfiler\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Programfiler\Fellesfiler\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] C:\Programfiler\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [indexSearch] C:\Programfiler\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [brMfcWnd] C:\Programfiler\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [setDefPrt] C:\Programfiler\Brother\Brmfl06a\BrStDvPt.exe O4 - HKLM\..\Run: [ControlCenter3] C:\Programfiler\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Programfiler\RivaTuner v2.06\RivaTuner.exe" /S O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MBBalloon] C:\Programfiler\HOTALBUMMyBOX\MBBalloon.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programfiler\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\System32\oodtray.exe O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programfiler\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programfiler\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [swg] C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" O4 - HKCU\..\Run: [CTZDetec.exe] C:\Programfiler\Creative\Creative Media Lite\CTZDetec.exe O4 - HKCU\..\Run: [steam] "d:\games\steam\steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\MSN Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Programfiler\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Programfiler\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user') O4 - Startup: LCD Smartie.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: MediaChecker.lnk = C:\Programfiler\HOTALBUMMyBOX\MediaChecker.exe O8 - Extra context menu item: Send til &Bluetooth - C:\Programfiler\WIDCOMM\Bluetooth-programvare\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra 'Tools' menuitem: Opprett mobil favoritt... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\WIDCOMM\Bluetooth-programvare\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\WIDCOMM\Bluetooth-programvare\btsendto_ie.htm O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://appldnld.m7z.net/qtinstall.info.app...llInstaller.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{43EBD7C9-D4FF-41C1-A925-CA2B7FC8665C}: NameServer = 217.13.4.24,217.13.7.140 O23 - Service: Adobe LM Service - Unknown owner - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe O23 - Service: COSIDS_TB - TransAction Software, D 81737 Munich - D:\APPZ\COSIDS\BIN\TbMux32.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Programfiler\Creative\Shared Files\CTDevSrv.exe O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - Unknown owner - C:\Programfiler\F-Secure Anti-Virus\fswsclds.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programfiler\Fellesfiler\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Programfiler\Fellesfiler\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programfiler\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programfiler\Spyware Doctor\pctsSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Programfiler\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programfiler\Fellesfiler\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SentinelSuperProNet Server (SuperProServer) - Unknown owner - C:\WINDOWS\System32\spnsrvnt.exe -- End of file - 11115 bytes Lenke til kommentar
norbat Skrevet 7. september 2008 Rapporter Del Skrevet 7. september 2008 Denne pc'n må oppdateres. Gå til windows update og last ned/installer de oppdateringene som ligger der (start->alle programmer->windows update) Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå