[antbann]

Logfile af Trend Micro HijackThis v2.0.2
Scan gemt kl 12:00:44 den 01/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Kørende processer:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programmer \ McAfee \ MBK \ MBackMonitor.exe
C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
c: \ Programmer \ Fælles filer \ McAfee \ MNA \ mcnasvc.exe
c: \ PROGRA ~ 1 \ FÆLLES ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
C: \ Programmer \ McAfee \ MPF \ MPFSrv.exe
C: \ Programmer \ McAfee \ MSK \ MskSrver.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ Explorer.EXE
c: \ PROGRA ~ 1 \ mcafee.com \ agent \ mcagent.exe
C: \ Programmer \ TomTom HOME 2 \ HOMERunner.exe
C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ m3SrchMn.exe
C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ mwsoemon.exe
C: \ Programmer \ Java \ jre1.5.0_09 \ bin \ jusched.exe
C: \ WINDOWS \ System32 \ rundll32.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programmer \ Cyberlink \ Power2Go \ Power2GoExpress.exe
C: \ Programmer \ Internet Explorer \ IEXPLORE.EXE
C: \ Programmer \ Belkin \ F5D8053 \ Belkinwcui.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Programmer \ Internet Explorer \ iexplore.exe
C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
C: \ Programmer \ Java \ jre1.5.0_09 \ bin \ jucheck.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Programmer \ Internet Explorer \ iexplore.exe
C: \ Programmer \ CCleaner \ CCleaner.exe
C: \ Programmer \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://uk.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://uk.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://uk.yahoo.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (no name) - (00A6FAF6-072E-44cf-8957-5838F569A31D) - C: \ Programmer \ MyWebSearch \ SrchAstt \ 1.bin \ MWSSRCAS.DLL
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Programmer \ Yahoo! \ Companion \ Installerer \ CPN \ yt.dll
O3 - Toolbar: My Web Search - (07B18EA9-A523-4961-B6BB-170DE4475CCA) - C: \ Programmer \ MyWebSearch \ bar \ 1.bin \ MWSBAR.DLL
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Programmer \ Yahoo! \ Companion \ Installerer \ CPN \ yt.dll
O4 - HKLM \ .. \ Run: [MBkLogOnHook] C: \ Programmer \ McAfee \ MBK \ LogOnHook.exe
O4 - HKLM \ .. \ Run: [TomTomHOME.exe] "C: \ Programmer \ TomTom HOME 2 \ HOMERunner.exe"-s
O4 - HKLM \ .. \ Run: [My Web Search Bar Search Anvendelsesområde Monitor] "C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ m3SrchMn.exe" / m = 2 / w
O4 - HKLM \ .. \ Run: [MyWebSearch Email Plugin] C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ mwsoemon.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programmer \ Java \ jre1.5.0_09 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [mcagent_exe] C: \ Programmer \ McAfee.com \ Agent \ mcagent.exe / runkey
O4 - HKLM \ .. \ Run: [postSetupCheck] C: \ WINDOWS \ System32 \ rundll32.exe "C: \ WINDOWS \ system32 \ gzmrt.dll" DllStart
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Programmer \ MSN Messenger \ msnmsgr.exe" / baggrund
O4 - HKCU \ .. \ Run: [MyWebSearch Email Plugin] C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ mwsoemon.exe
O4 - HKCU \ .. \ Run: [Power2GoExpress] "C: \ Programmer \ Cyberlink \ Power2Go \ Power2GoExpress.exe" / Start
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programmer \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Belkin F5D8053 N Wireless USB Adapter Utility.lnk = C: \ Programmer \ Belkin \ F5D8053 \ Belkinwcui.exe
O4 - Global Startup: Microsoft Office.lnk = C: \ Programmer \ Microsoft Office \ Office10 \ OSA.EXE
O8 - Extra sammenhæng menupunktet: & Search -- http://edits.mywebsearch.com/toolbar...rch.jhtml?p=ZJ
O8 - Extra sammenhæng menupunktet: E & ksporter til Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office10 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.5.0_09 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.5.0_09 \ bin \ ssv.dll
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Ekstra knap: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://www.pcservicecall.co.uk
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Programmer \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (4C39376E-FA9D-4349-BACC-D305C1750EF3) (EPUImageControl klasse) -- http://sell-vehicle.ebay.co.uk/image..._v1-0-3-50.cab
O16 - DPF: (56762DEC-6B0D-4AB4-A8AD-989993B5D08B) -- http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: (A90A5822-F108-45AD-8482-9BC8B12DD539) (Crucial cpcScan) -- http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: (F04A8AE2-A59D-11D2-8792-00C04F8EF29D) (Hotmail Attachments Control) -- http://by121fd.bay121.hotmail.msn.co...x/HMAtchmt.ocx
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (5D3D0EC7-51D8-414D-81B8-BB319A5A73C4): NameServer = 192.168.0.1
O23 - Service: McAfee Application Installer Cleanup (0287341204362868) (0287341204362868mcinstcleanup) - McAfee, Inc. - C: \ Windows \ Temp \ 028734 ~ 1.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Programmer \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Tabel Manager (IDriverT) - Macrovision Corporation - C: \ Programmer \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: MBackMonitor - McAfee - C: \ Programmer \ McAfee \ MBK \ MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c: \ Programmer \ Fælles filer \ McAfee \ MNA \ mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c: \ PROGRA ~ 1 \ FÆLLES ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C: \ Programmer \ McAfee \ MPF \ MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C: \ Programmer \ McAfee \ MSK \ MskSrver.exe
O23 - Service: MSSQLServerADHelper - Ukendt ejer - C: \ Programmer \ Microsoft SQL Server \ 80 \ Tools \ Binn \ sqladhlp.exe (filen mangler)
O23 - Service: Pml Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
--
End of file - 7858 bytes

RENGØRING COMPLETE - (3,135 sek)
-------------------------------------------------- ----------------------------------------
5.71MB fjernet.
-------------------------------------------------- ----------------------------------------
Detaljer om filer slettet
-------------------------------------------------- ----------------------------------------
IE Temporary Internet Files (421 filer) 5.70MB
C: \ Documents and Settings \ Bann \ Cookies \ bann@int.sitestat [1]. Txt 103 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ mediaplex [2]. Txt 85 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ computer-juice [2]. Txt 808 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@www.burstnet [2]. Txt 77 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ live [2]. Txt 504 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@rad.live [2]. Txt 690 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ tribalfusion [2]. Txt 330 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ msn [1]. Txt 345 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ adecn [1]. Txt 214 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ reklame [1]. Txt 283 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@d3.zedo [1]. Txt 72 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@ads.pointroll [1]. Txt 668 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ Zedo [1]. Txt 408 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ 888 [2]. Txt 155 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@eas.apm.emediate [1]. Txt 289 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ interclick [2]. Txt 414 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@rotator.its.adjuggler [1]. Txt 113 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@p.live [1]. Txt 102 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ yahoo [1]. Txt 82 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ DoubleClick [1]. Txt 89 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@int.sitestat [2]. Txt 99 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@login.live [2]. Txt 180 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@h.live [1]. Txt 68 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@rotator.adjuggler [2]. Txt 205 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@www.iefjios [1]. Txt 90 bytes
C: \ Documents and Settings \ Bann \ Cookies \ Bann @ atdmt [2]. Txt 101 bytes
C: \ Documents and Settings \ Bann \ Cookies \ bann@ad.yieldmanager [2]. Txt 1.06KB
C: \ Documents and Settings \ Bann \ Application Data \ søn \ Java \ Deployment \ cache \ javapi \ v1.0 \ jar \ JVM impro.jar-51fad18-787f377f.idx 153 bytes
C: \ Documents and Settings \ Bann \ Application Data \ søn \ Java \ Deployment \ cache \ javapi \ v1.0 \ jar \ JVM vers.jar-4b6e6f5b-4dc46c65.idx 152 bytes
C: \ Documents and Settings \ Bann \ Application Data \ Macromedia \ Flash Player \ # SharedObjects \ 99SH2MHK \ interclick.com \ ud.s ol 139 bytes
C: \ Documents and Settings \ Bann \ Application Data \ Macromedia \ Flash Player \ macromedia.com \ support \ flashplayer \ sys \ # int erclick.com \ settings.sol 84 bytes
C: \ Documents and Settings \ Bann \ Application Data \ Macromedia \ Flash Player \ macromedia.com \ support \ flashplayer \ sys \ Sett ings.sol 380 bytes
-------------------------------------------------- ----------------------------------------

[Axegrinder]

Du har fået MyWebSearch installeret som er adware / spyware, se om du kan fjerne den fra Tilføj / fjern programmer. Hvis ikke

Sæt et hak ved siden af disse og klik på "fix checked"

O4 - HKLM \ .. \ Run: [My Web Search Bar Search Anvendelsesområde Monitor] "C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ m3SrchMn.exe" / m = 2 / w
O4 - HKLM \ .. \ Run: [MyWebSearch Email Plugin] C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ mwsoemon.exe
R3 - URLSearchHook: (no name) - (00A6FAF6-072E-44cf-8957-5838F569A31D) - C: \ Programmer \ MyWebSearch \ SrchAstt \ 1.bin \ MWSSRCAS.DLL
O4 - HKLM \ .. \ Run: [postSetupCheck] C: \ WINDOWS \ System32 \ rundll32.exe "C: \ WINDOWS \ system32 \ gzmrt.dll" DllStart

[evilfantasy]

Derefter sende en ny Hijackthis log.

[antbann]

Logfile af Trend Micro HijackThis v2.0.2
Scan gemt kl 17:37:28 den 01/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Kørende processer:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programmer \ McAfee \ MBK \ MBackMonitor.exe
C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
c: \ Programmer \ Fælles filer \ McAfee \ MNA \ mcnasvc.exe
c: \ PROGRA ~ 1 \ FÆLLES ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
C: \ Programmer \ McAfee \ MPF \ MPFSrv.exe
C: \ Programmer \ McAfee \ MSK \ MskSrver.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ Explorer.EXE
c: \ PROGRA ~ 1 \ mcafee.com \ agent \ mcagent.exe
C: \ Programmer \ TomTom HOME 2 \ HOMERunner.exe
C: \ Programmer \ Java \ jre1.5.0_09 \ bin \ jusched.exe
C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ m3SrchMn.exe
C: \ WINDOWS \ System32 \ rundll32.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programmer \ Internet Explorer \ IEXPLORE.EXE
C: \ Programmer \ Cyberlink \ Power2Go \ Power2GoExpress.exe
C: \ Programmer \ Belkin \ F5D8053 \ Belkinwcui.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
C: \ Programmer \ Internet Explorer \ iexplore.exe
C: \ Programmer \ Java \ jre1.5.0_09 \ bin \ jucheck.exe
C: \ Programmer \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://uk.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://uk.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://uk.yahoo.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = 127.0.0.1
O4 - HKLM \ .. \ Run: [MBkLogOnHook] C: \ Programmer \ McAfee \ MBK \ LogOnHook.exe
O4 - HKLM \ .. \ Run: [TomTomHOME.exe] "C: \ Programmer \ TomTom HOME 2 \ HOMERunner.exe"-s
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programmer \ Java \ jre1.5.0_09 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [mcagent_exe] C: \ Programmer \ McAfee.com \ Agent \ mcagent.exe / runkey
O4 - HKLM \ .. \ Run: [My Web Search Bar Search Anvendelsesområde Monitor] "C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ m3SrchMn.exe" / m = 2 / w
O4 - HKLM \ .. \ Run: [postSetupCheck] C: \ WINDOWS \ System32 \ rundll32.exe "C: \ WINDOWS \ system32 \ gzmrt.dll" DllStart
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Programmer \ MSN Messenger \ msnmsgr.exe" / baggrund
O4 - HKCU \ .. \ Run: [Power2GoExpress] "C: \ Programmer \ Cyberlink \ Power2Go \ Power2GoExpress.exe" / Start
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programmer \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Belkin F5D8053 N Wireless USB Adapter Utility.lnk = C: \ Programmer \ Belkin \ F5D8053 \ Belkinwcui.exe
O4 - Global Startup: Microsoft Office.lnk = C: \ Programmer \ Microsoft Office \ Office10 \ OSA.EXE
O8 - Extra sammenhæng menupunktet: & Search -- http://edits.mywebsearch.com/toolbar...rch.jhtml?p=ZJ
O8 - Extra sammenhæng menupunktet: E & ksporter til Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office10 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.5.0_09 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.5.0_09 \ bin \ ssv.dll
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Ekstra knap: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://www.pcservicecall.co.uk
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Programmer \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (4C39376E-FA9D-4349-BACC-D305C1750EF3) (EPUImageControl klasse) -- http://sell-vehicle.ebay.co.uk/image..._v1-0-3-50.cab
O16 - DPF: (56762DEC-6B0D-4AB4-A8AD-989993B5D08B) -- http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: (A90A5822-F108-45AD-8482-9BC8B12DD539) (Crucial cpcScan) -- http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: (F04A8AE2-A59D-11D2-8792-00C04F8EF29D) (Hotmail Attachments Control) -- http://by121fd.bay121.hotmail.msn.co...x/HMAtchmt.ocx
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (5D3D0EC7-51D8-414D-81B8-BB319A5A73C4): NameServer = 192.168.0.1
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Programmer \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Tabel Manager (IDriverT) - Macrovision Corporation - C: \ Programmer \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: MBackMonitor - McAfee - C: \ Programmer \ McAfee \ MBK \ MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c: \ Programmer \ Fælles filer \ McAfee \ MNA \ mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c: \ PROGRA ~ 1 \ FÆLLES ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C: \ Programmer \ McAfee \ MPF \ MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C: \ Programmer \ McAfee \ MSK \ MskSrver.exe
O23 - Service: MSSQLServerADHelper - Ukendt ejer - C: \ Programmer \ Microsoft SQL Server \ 80 \ Tools \ Binn \ sqladhlp.exe (filen mangler)
O23 - Service: Pml Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
--
End of file - 6847 bytes

[evilfantasy]

Er du sender indlæg om det samme logs / computer i to tråde?