mindre egenkapital

Magazine
Go Back   Computer Juice > Computer Software > Virus, Spyware & Sikkerhed
Reload this Page

Iexplore.exe spørgsmål

Registrer Site Spy Medlem List Donate Søgning Dagens Stillinger Mark Forums Read Forum Regler

Register


 Default 

Iexplore.exe spørgsmål




Reply
Side 1 af 2 1 2
 
Thread Tools
  #1  
Old 27 september 2008, 18:16
Ny Medlem Gruppen
  
Default Iexplore.exe spørgsmål

iexplore.exe holder popping op på min Task Manager, trods det faktum, at jeg ikke bruger IE. Det er at gøre computeren langsom, der er pop-ups, nogle gange er der ingen pop up, bare en stemme sige: "Tillykke, du har vundet ____" (så syret), eller lyder som en fejl vindue vises, eller noget at klikke på, når jeg er at gøre noget og intet vises på skærmen (faktisk er dette at gøre min computer lyd hjemsøgt! Haha alligevel)

Logfile af Trend Micro HijackThis v2.0.2
Scan gemt på 9:12:42, den 9/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Kørende processer:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programmer \ Windows Defender \ MsMpEng.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Programmer \ Intel \ Wireless \ Bin \ EvtEng.exe
C: \ Programmer \ Intel \ Wireless \ Bin \ S24EvMon.exe
C: \ Programmer \ Intel \ Wireless \ Bin \ WLKeeper.exe
C: \ WINDOWS \ system32 \ LEXBCES.EXE
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ WINDOWS \ system32 \ LEXPPS.EXE
C: \ Programmer \ Fælles filer \ AOL \ ACS \ AOLAcsd.exe
C: \ Programmer \ Fælles filer \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe
C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Programmer \ PrevxCSI \ prevxcsi.exe
C: \ WINDOWS \ system32 \ dlcxcoms.exe
C: \ Programmer \ PrevxCSI \ prevxcsi.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Programmer \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Programmer \ Dell \ QuickSet \ NICCONFIGSVC.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ Programmer \ Intel \ Wireless \ Bin \ RegSrvc.exe
C: \ WINDOWS \ system32 \ rpcnet.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
C: \ Programmer \ Webroot \ Erhverv \ Spy Sweeper \ spysweeper.exe
C: \ Programmer \ Webroot \ Erhverv \ Spy Sweeper \ commagent.exe
C: \ WINDOWS \ Explorer.EXE
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ Programmer \ Dell \ QuickSet \ quickset.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.exe
C: \ Programmer \ iTunes \ iTunesHelper.exe
C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ Programmer \ Windows Defender \ MSASCui.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programmer \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe
C: \ Programmer \ iPod \ bin \ iPodService.exe
C: \ Programmer \ synspunkt \ synspunkt Manager \ ViewMgr.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ WINDOWS \ system32 \ SJv56bM4.exe
C: \ Programmer \ Mozilla Firefox \ firefox.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programmer \ ErrorSmart \ ErrorSmart.exe
C: \ Programmer \ Common Files \ AOL \ 1155864818 \ ee \ aolsoftware.exe
C: \ Programmer \ Adobe \ Acrobat 7.0 \ Reader \ AcroRd32.exe
C: \ Programmer \ America Online 9.0 \ shellmon.exe
C: \ Programmer \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Programmer \ Trend Micro \ HijackThis \ HijackThis.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.bridgew.edu/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.bridgew.edu/
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programmer \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: opløsning Class - (99C6D1BB-7555-474C-91DA-D8FB62A9CC75) - C: \ WINDOWS \ system32 \ 58VayB0u.dll
O2 - BHO: Viewpoint Toolbar BHO - (A7327C09-B521-4EDB-8509-7D2660C9EC98) - C: \ Programmer \ Viewpoint \ Viewpoint Toolbar \ 3.8.0 \ ViewBarBHO.dll
O3 - Toolbar: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Programmer \ AOL Toolbar \ toolbar.dll
O3 - Toolbar: synspunkt Toolbar - (F8AD5AA5-D966-4667-9DAF-2561D68B2012) - C: \ Programmer \ Common Files \ synspunkt \ Toolbar Runtime \ 3.8.0 \ IEViewBar.dll
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [Dell QuickSet] C: \ Programmer \ Dell \ QuickSet \ quickset.exe
O4 - HKLM \ .. \ Run: [NvMediaCenter] rundll32.exe NvMCTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [HPDJ Taskbar Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programmer \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Programmer \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [DLCXCATS] rundll32 C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ DLCXtim e.dll, _RunDLLEntry @ 16
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Programmer \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [ErrorSmart] C: \ Programmer \ ErrorSmart \ ErrorSmart.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [AOL Fast Start] "C: \ Programmer \ America Online 9.0 \ AOL.EXE"-b
O4 - HKUS \ S-1-5-18 \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 -. DEFAULT User Startup: Clean Access Agent.lnk = C: \ Programmer \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe (User 'Default user')
O4 - Startup: Clean Access Agent.lnk = C: \ Programmer \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe
O6 - HKCU \ Software \ Policies \ Microsoft \ Internet Explorer \ Control Panel stede
O8 - Extra sammenhæng menupunktet: & AOL Toolbar søgning - res: / / C: \ Programmer \ AOL Toolbar \ toolbar.dll / SEARCH.HTML
O8 - Extra sammenhæng menupunktet: E & ksporter til Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikroer ~ 2 \ Office11 \ EXCEL.EXE/3000
O8 - Extra context menu item: Abonner i standard RSS-læser - C: \ Documents and Settings \ Administrator \ Application Data \ RssBandit \ iecontext_subscribefeed.htm
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Ekstra knap: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Programmer \ AOL Toolbar \ toolbar.dll
O9 - Extra 'Tools' MENUITEM: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Programmer \ AOL Toolbar \ toolbar.dll
O9 - Ekstra knap: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ mikroer ~ 2 \ Office11 \ REFIEBAR.DLL
O9 - Ekstra knap: Real.com - (CD67F990-D8E9-11d2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Ekstra knap: PokerStars.net - (FA9B9510-9FCB-4ca0-818C-5D0987B47C4D) - C: \ Programmer \ PokerStars.NET \ PokerStarsUpdate.exe
O9 - Ekstra knap: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O15 - Trusted Zone: *. bridgew.edu
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi klasse) -- http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?link...67&clcid=0x409
O16 - DPF: (5e2a3510-4371-11d6-b64c-00c04faedb18) (Oracle JInitiator 1.1.8.18) -- http://frmserv.bridgew.edu/jinitiator/jinit.exe
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://update.microsoft.com/windowsu...?1121111428606
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://update.microsoft.com/microsof...?1121873156643
O16 - DPF: (BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19) (CPlayFirstddfotgControl Object) -- http://aolsvc.aol.com/onlinegames/fr...g.1.0.0.33.cab
O20 - Winlogon Notify:! SASWinLogon - C: \ Programmer \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Programmer \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: AOL Tilslutningsmuligheder Service (AOL ACS) - AOL LLC - C: \ Programmer \ Fælles filer \ AOL \ ACS \ AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C: \ Programmer \ Fælles filer \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Ati Genvejstast Poller - Unknown ejer - C: \ WINDOWS \ System32 \ Ati2evxx.exe
O23 - Service: CSIScanner - Prevx - C: \ Programmer \ PrevxCSI \ prevxcsi.exe
O23 - Service: dlcx_device - - C: \ WINDOWS \ system32 \ dlcxcoms.exe
O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Programmer \ Intel \ Wireless \ Bin \ EvtEng.exe
O23 - Service: InstallDriver Tabel Manager (IDriverT) - Macrovision Corporation - C: \ Programmer \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Programmer \ iPod \ bin \ iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C: \ WINDOWS \ system32 \ LEXBCES.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C: \ Programmer \ Dell \ QuickSet \ NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Programmer \ Intel \ Wireless \ Bin \ RegSrvc.exe
O23 - Service: Remote Procedure Call (RPC) Net (Rpcnet) - Unknown owner - C: \ WINDOWS \ system32 \ rpcnet.exe
O23 - Service: Intel (R) PROSet / Wireless Service (S24EventMonitor) - Intel Corporation - C: \ Programmer \ Intel \ Wireless \ Bin \ S24EvMon.exe
O23 - Service: synspunkt Manager Service - synspunkt Corporation - C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
O23 - Service: Webroot CommAgent Service (WebrootCommAgentService) - Webroot Software, Inc. - C: \ Programmer \ Webroot \ Erhverv \ Spy Sweeper \ commagent.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C: \ Programmer \ Webroot \ Erhverv \ Spy Sweeper \ spysweeper.exe
O23 - Service: Intel (R) PROSet / Wireless SSO Service (WLANKEEPER) - Intel (R) Corporation - C: \ Programmer \ Intel \ Wireless \ Bin \ WLKeeper.exe

--
End of file - 10.609 bytes
  #2  
Old 27 september 2008, 19:15
Redaktør Gruppen
  
Default Iexplore.exe spørgsmål

Velkommen til CJ.

Please udskrive disse instruktioner, som de vil blive behov for senere, når Internet adgang er ikke tilgængelig.

Downloade SDFix af AndyManchesta og gemme den på dit skrivebord.

Når du bruger dette værktøj, skal du bruge Administrator's konto eller en konto med Administrative rettigheder
  • Dobbeltklik SDFix.exe og det vil udpakke filerne til% systemdrive%
  • (dette er det drev, der indeholder Windows-mappen, typisk C: \ SDFix).
  • Brug det ikke blot endnu.
Genstart computeren i Fejlsikret tilstand ved hjælp af F8 metode. For at gøre dette, skal du genstarte computeren og efter at have hørt din computer Enkelt bip under start (men før Windows-ikonet vises) tryk på F8 flere gange. En menu vil komme frem med flere muligheder. Brug piletasterne til at navigere og vælge den mulighed for at køre Windows i "Fejlsikret tilstand".

Åbn SDFix mappe og dobbeltklik på RunThis.bat for at starte scriptet.
  • Type Y for at begynde Tilfældig proces.
  • Det vil fjerne enhver Trojan Services eller registreringsdatabaseposter findes derefter bede dig om at trykke på en tast for at genstarte.
  • Tryk på en tast og det vil genstarte pc'en.
  • Når pc'en genstartes, er Fixtool vil løbe igen og færdiggøre processen til fjernelse derefter vise FinishedTryk på en vilkårlig tast for at afslutte scriptet og belastning skrivebordet ikoner.
  • Når skrivebordet ikoner indlæse SDFix rapport vil åbne på skærmen og også gemme i SDFix mappe som Report.txt.
  • Kopier og indsæt indholdet af resultaterne fil Report.txt i dit næste svar, sammen med en ny HijackThis log.
__________________
  #3  
Old 27 september 2008, 20:24
Ny Medlem Gruppen
  
Default Iexplore.exe spørgsmål

SDFix: Version 1,229
Run by Administrator on Sat 09/27/2008 kl 10:50

Microsoft Windows XP [Version 5.1.2600]
Running From: C: \ SDFix

Kontrol Services :


Retablering Default Security Values
Retablering Default Hosts File

Genstart


Checking Files :

Nr. Trojan Files Found






Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit / stealth malware detector ved Gmer, http://www.gmer.net
Rootkit scan 2008-09-27 23:14:36
Windows 5.1.2600 Service Pack 2 NTFS

scanning skjulte processer ...

scanning skjulte tjenesteydelser & system hive ...

scanning skjulte registreringsdatabaseposter ...

scanning skjulte filer ...

scanning afsluttet med succes
skjulte processer: 0
skjulte tjenester: 0
skjulte filer: 0


Resterende Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic es \ sharedaccess \ Parameters \ firewallpolicy \ standard profil \ authorizedapplications \ list]
"% windir% \ \ system32 \ \ sessmgr.exe" = "% windir% \ \ syste m32 \ \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"C: \ \ Programmer \ \ RssBandit \ \ RSSBandit.exe" = "C: \ \ Programmer \ \ RssBandit \ \ RSSBandit.exe: *: Enabled: RSS Bandit"
"E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe" = "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe: *: Enabled: ctmweb.exe"
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" = "C: \ \ Programmer \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe: *: Enabled : AOL Application Loader "
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe" = "C: \ \ Programmer \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe: *: Enabled : AOL "
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe" = "C: \ \ Programmer \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe: *: Enabled : AOL "
"C: \ \ Programmer \ \ America Online 9.0 \ \ waol.exe" = "C: \ \ Programmer \ \ America Online 9.0 \ \ waol.exe: *: Enabled: AOL"
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltsmon.exe" = "C: \ \ Prog ram Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltsmon.exe: *: Enabled: AOLTsMon "
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltpspd.exe" = "C: \ \ Prog ram Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltpspd.exe: *: Enabled: AOLTopSpeed "
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost . exe: *: nabled E: AOL "
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe" = "C: \ \ Programmer \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe: * : Enabled: AOL "
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ AOL Spywarebeskyttelse \ \ AOLSP Scheduler.exe" = "C: \ \ Programmer \ \ Common Files \ \ AOL \ \ AOL Spywarebeskyttelse \ \ AOLSP Scheduler . exe: *: Enabled: AOL "
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ AOL Spywarebeskyttelse \ \ Asp.exe" = "C: \ \ Programmer \ \ Common Files \ \ AOL \ \ AOL Spywarebeskyttelse \ \ Asp.exe : *: Enabled: AOL "
"C: \ \ Programmer \ \ Common Files \ \ AolCoach \ \ en_en \ \ Player \ \ AOLNySEV.exe" = "C: \ \ Programmer \ \ Common Files \ \ AolCoach \ \ en_en \ \ Player \ \ AOLNySEV . exe: *: Ena afblødt: AOL "
"C: \ \ Programmer \ \ FTP Commander Pro \ \ cftp.exe" = "C: \ \ Programmer \ \ FTP Commander Pro \ \ cftp.exe: *: Enabled: cftp"
"C: \ \ Programmer \ \ FTP Commander \ \ ftpcomm.exe" = "C: \ \ Programmer \ \ FTP Commander \ \ ftpcomm.exe: *: Enabled: ftpcomm"
"C: \ \ Programmer \ \ Real \ \ RealPlayer \ \ realplay.exe" = "C: \ \ Progra m Files \ \ Real \ \ RealPlayer \ \ realplay.exe: *: Enabled: Re alPlayer"
"C: \ \ StubInstaller.exe" = "C: \ \ StubInstaller.exe: *: E nabled: LimeWire swarmed installer"
"C: \ \ Programmer \ \ LimeWire \ \ LimeWire.exe" = "C: \ \ Programmer \ \ LimeWire \ \ LimeWire.exe: *: Enabled: LimeWire"
"C: \ \ Programmer \ \ SmartFTP Client 2.0 \ \ SmartFTP.exe" = "C: \ \ Programmer \ \ SmartFTP Client 2.0 \ \ SmartFTP.exe: *: Enabled: SmartFTP Client 2.0"
"C: \ \ Programmer \ \ BitTornado \ \ btdownloadgui.exe" = "C: \ \ Programmer \ \ BitTornado \ \ btdownloadgui.exe: *: Enabled: Btd ownloadgui"
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware . exe: *: Enab førte: AOL Service "
"C: \ \ Programmer \ \ Mozilla Firefox \ \ firefox.exe" = "C: \ \ Programmer \ \ Mozilla Firefox \ \ firefox.exe: *: Enabled: Firefox"
"C: \ \ Programmer \ \ Get-Torrent \ \ Get-Torrent.exe" = "C: \ \ Programmer \ \ Get-Torrent \ \ Get-Torrent.exe: *: Enabled: Torrent P2P-program"
"C: \ \ Programmer \ \ Restaurant Empire \ \ re.exe" = "C: \ \ Programmer \ \ Restaurant Empire \ \ re.exe: *: Enabled: re"
"C: \ \ Programmer \ \ BitZip \ \ bitzip.exe" = "C: \ \ Programmer \ \ BitZip \ \ bitzip.exe: *: Enabled: BitZip"
"C: \ \ Programmer \ \ uTorrent \ \ uTorrent.exe" = "C: \ \ Programmer \ \ uTorrent \ \ uTorrent.exe: *: Enabled: æTorrent"
"C: \ \ Programmer \ \ iTunes \ \ iTunes.exe" = "C: \ \ Programmer \ \ iTunes \ \ iTunes.exe: *: Enabled: iTunes"
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" = "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000"
"C: \ \ WINDOWS \ \ system32 \ \ dlcxcoms.exe" = "C: \ \ WINDOWS \ \ system32 \ \ dlcxcoms.exe: *: Enabled: Dell 926 Server"

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic es \ sharedaccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ list]
"% windir% \ \ system32 \ \ sessmgr.exe" = "% windir% \ \ syste m32 \ \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe" = "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe: *: Enabled: ctmweb Computrace Installation / Management Application"
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" = "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000"

Resterende Files :



Filer med Skjult Attributter :

Tue 12 juli 2005 54.872 A.. H. --- "C: \ Programmer \ America Online 9.0 \ AOLphx.exe"
Tue 12 juli 2005 31.832 A.. H. --- "C: \ Programmer \ America Online 9.0 \ rbm.exe"
Ons 13 Oktober 2004 1.694.208 A.. H. --- "C: \ Programmer \ Messenger \ MsnMsgr.Exe"
Wed 17 September 2008 162 A.. H. --- "C: \ Documents and Settings \ Administrator \ Dokumenter \ ~ $ RL3917.tmp"
Fre 23 november 2007 4.840.960 ... H. --- "C: \ Documents and Settings \ Administrator \ Dokumenter \ ~ WRL3917.tmp"
Sun 1 april 2007 247 A.. H. --- "C: \ Programmer \ InterActual \ InterActual Player \ itiC9F.tmp"
Sun 1 juli 2007 0 A.SH. --- "C: \ Documents and Settings \ All Users \ DRM \ Cache \ Indiv01.tmp"
Mon 14 Januar 2008 3.459 ... HR --- "C: \ Documents and Settings \ Administrator \ Application Data \ SecuROM \ UserData \ securom_v7_01.bak"
Sat 27 September 2008 4.750 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS00643642-9444-46D7-A0F8-98BCEC733FED.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS02319C6A-A321-4C8D-9995-820B7395AC0C.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS025EABA1-CC11-4560-8E12-630DDF3DA7B2.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS045F4367-E293-4856-99B6-A55965765747.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS068F3C9C-D92F-41E5-AF3C-3917DFD07FFB.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0ABE791D-AAB6-45AE-94C0-81FF065FB64C.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0B798094-B44A-427A-B9DC-654E158521EB.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0C1801B8-619C-45EF-A0A9-6FDF58378626.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0DC230DD-648D-4C7A-A46F-125E3BBCACF0.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0FD1D4A0-7A3B-4426-BF06-CBE8A10161D9.tmp"
Sat 27 September 2008 12.540 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS12E3E01D-D993-4077-84CD-270FC7998D10.tmp"
Sat 27 September 2008 5.616 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS1558A464-A8A5-4699-8AD4-1FD636BA73F0.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS16C4CA8E-B45E-4C74-A16A-C6547AC6862A.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS171F971D-9918-4BF8-934E-9F971CE3A62E.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS18482343-5AA4-4A75-B35E-1DE367BE8DF8.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS1F408231-9AD4-4F3A-8F71-E4D1A885E2D9.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS22C553D7-9E17-42E7-9BAC-FD08E49F2DA7.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS29899F67-1A0A-49C1-BF8C-969C56BFE72D.tmp"
Sat 27 September 2008 40.408 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS2CE2DD8D-1B89-4236-8CEB-8AE2092F011D.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS2DE8E664-10D0-4BC0-B385-C28929E5600F.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS35CD56A6-869F-4E8D-9744-F5243F94B4B1.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3A52BAF2-C6D8-48C5-A517-8F08AFB8035A.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EC9B69D-3F89-4FC5-B941-1463F3BD2234.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EADD09D-E99C-4EDA-87E8-14DD31C5A1CA.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EDF6917-B0B7-4164-BAA8-7013E06D5FCA.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3FF4AFC6-0025-4047-AEFB-7C34313D972F.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4031D191-1F75-49F0-8272-A12ACD39C269.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS416C7484-2AC6-4BFE-8364-B3DC9640EB90.tmp"
Sat 27 September 2008 27.677 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS42B72C22-0C5B-4053-87A4-D8EB671C2029.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4C83367A-C322-4725-A861-182E13107846.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4DB48154-31C5-424F-B7EB-6337D7279415.tmp"
Sat 27 September 2008 3.393 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4EAE423C-33F9-4D19-AD00-4127948E7F39.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4FE7BDE5-631A-4BEE-BA59-2A86CECDA9DA.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS50B44EC6-2F2E-4D16-AC0C-376383467A7C.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS56CA220B-41A4-4EBA-B217-FF3A496AA590.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5AF7C2DD-39F4-4B22-8F5A-11FC428681E1.tmp"
Sat 27 September 2008 101.080 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5DCC2C2E-7275-4CC4-9192-B113F353FB5F.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5D528DF5-B79E-4EE1-9D6C-1EC565BBBC62.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6011FD6D-D50D-43A0-AE81-A050DD789327.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS62CC7F66-91D7-40E6-9C86-9E1A90363BBD.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6548601C-9BB6-472C-AA53-447B881C2428.tmp"
Sat 27 September 2008 6.247.755 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6946DC39-11B6-4B93-A005-7F3C9D123F87.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS69A2BD78-4F53-4EBE-A0E3-D640854156D9.tmp"
Sat 27 September 2008 198.358 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6927849A-B300-4980-AAEB-7DBA1C6E4164.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6945CE07-04BF-439f-987F-028637985DF0.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6FE21A12-C11B-4E43-99E2-FA8F960870E1.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS700D83FE-2571-4AE3-89BC-6DD584F68699.tmp"
Sat 27 September 2008 3.195.852 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS713A2772-B7C7-4A87-BAEB-E92C67ED4580.tmp"
Sat 27 September 2008 143.110 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS71EC4FAD-E45A-4E20-AE13-D864D8CA24A1.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS716E87B1-65B4-4487-B09B-19A89B9F5C97.tmp"
Sat 27 September 2008 1.909.332 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7366E027-AE32-4BC8-9360-699C2C95BEB0.tmp"
Sat 27 September 2008 270.314 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS75371617-A509-4e33-9F16-118AA8AC2918.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS767A458F-F431-46EB-A2DA-88FB1A7E3E7D.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7A70C6B2-5850-4473-9585-E0C43F090F27.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7B30F8F2-8A4F-42B9-B9F8-625709173611.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7C1354E8-D74C-4AC8-BE8F-7167A5076F4A.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7CBB22C6-4E66-4720-995F-1C2ADC632A9B.tmp"
Sat 27 September 2008 642 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7E1AA5E0-2F18-4CF4-B64E-8EB8F378DF31.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7FEECAB9-C6A6-4302-9AA6-F69FA542ED3D.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS840E4E3A-C733-4DC5-A8F3-B248CC83075B.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8716D8FB-A364-4288-8B00-55605E1EF6C0.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS89FE094B-45FA-4923-87F1-139238C4F97B.tmp"
Sat 27 September 2008 610 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8A4D2B50-2BB9-4DC6-9E5E-3CB11929C3D2.tmp"
Sat 27 September 2008 4.532 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8E7D97AA-E673-4952-AA06-A468A9C52A7C.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8FB3E905-99BA-4D9E-9C2A-B17FB19F5132.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS92FF4DE9-51A7-4FEA-9F94-4984E35FDB14.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS94946861-C52C-4360-B5D7-0BAA075D88BB.tmp"
Sat 27 September 2008 674 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9766DA24-0126-49B8-821D-0BBD42716F70.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9CF76AA8-C8DD-426D-8974-7952EA0782D3.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9DE19017-8F84-45F0-8707-3157A64B6CEA.tmp"
Sat 27 September 2008 1.190.410 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9F48133A-1109-42EB-93AA-A3CB3CACBCBF.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSABDB0578-02AF-4BA8-A501-9A8992ED7BDB.tmp"
Sat 27 September 2008 2.736 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSAD28D6FF-3940-4F08-A657-2E61F69B5449.tmp"
Sat 27 September 2008 75.790 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB18333D4-60E0-438D-B085-7DB36F72F77D.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB74C069F-C392-4F81-8670-212FC280E95D.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB76C1894-7B69-4834-97D3-B402FE20935A.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB73D6FFC-0E8C-41B9-84D3-8810EC6D9228.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB9036DEB-8242-4521-A54E-139AF6A9A190.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBAE9F5F5-FA44-4E05-9A1D-A462CE8AF520.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBBCD6D72-A069-40FF-9AF2-916180E0A88E.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBBCBA3E5-E607-436E-B3EE-A1DEAC925872.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBEC0CEEC-C42B-4B06-A604-EAAD26CE6255.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSC5D01365-2009-400C-A9A3-5F990CF4A80D.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSC9E0B767-5A0A-47B9-A439-227E2B94F887.tmp"
Sat 27 September 2008 134.148 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD2617AFF-BC61-4BFE-B8E6-6CC988A0F275.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD21BE94F-9EE4-475B-B0A2-24C81FFF173F.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD4AA62E4-9D9E-4B7B-9CD0-686A2C05AEF7.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD729F3FB-EE09-459B-A678-BD9132629FDF.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD8157780-DB4C-464E-B192-D31296C412A8.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD97D795A-5F39-4FDD-A7EF-691DEBB65005.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDA1F438F-BCAF-4452-A79A-167408950654.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDA218F7C-D867-4690-96E2-789F80A7D3E0.tmp"
Sat 27 September 2008 20.968 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDBBDCE8F-1CB9-456D-9A48-B332BFDD4DA3.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC4DE87E-7FB7-4AAF-9341-074C383E5277.tmp"
Sat 27 September 2008 2.168.120 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC4805C4-09F4-44DF-953F-40714AC7B32D.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC54187B-23EE-4C63-A3C1-F95DD71DC749.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE542CE01-559A-4B52-B46E-3ABA034CB806.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE76031B3-69B7-40CD-98AA-1FBADCFD80F9.tmp"
Sat 27 September 2008 538 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE89A2A1E-7243-491E-8713-779584114914.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE9F327DF-50B6-42E2-B361-B1279BCFE655.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSEAF8FCDA-0414-40ED-8AC7-F6E8BA990710.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSEC43267D-076B-42D7-838C-4A46B1619D44.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSED7CFB5E-591C-4B3A-BB59-99AC6B355CE9.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF03658AA-EBC4-437C-8F4E-338B053BBCC5.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF1EE7C84-96F2-4922-8549-E4F727B9B3A5.tmp"
Sat 27 September 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF5708FAD-F162-475a-BBD8-590D8EED1563.tmp"
Sat 27 September 2008 1.609.542 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF60C8606-1E32-4C46-9DD9-9591141A47D3.tmp"
Sat 27 September 2008 29.084 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF7DCFFB4-3037-49B4-8FAF-FB62C2892816.tmp"
Sat 27 September 2008 16.965 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSFABFD6CE-CC5D-4B27-9BE0-5CE94D2BE9C9.tmp"

Færdig!






Logfile af Trend Micro HijackThis v2.0.2
Scan gemt kl 11:22:30, om 9/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Kørende processer:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programmer \ Windows Defender \ MsMpEng.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Programmer \ Intel \ Wireless \ Bin \ EvtEng.exe
C: \ Programmer \ Intel \ Wireless \ Bin \ S24EvMon.exe
C: \ Programmer \ Intel \ Wireless \ Bin \ WLKeeper.exe
C: \ WINDOWS \ system32 \ LEXBCES.EXE
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ WINDOWS \ system32 \ LEXPPS.EXE
C: \ Programmer \ Fælles filer \ AOL \ ACS \ AOLAcsd.exe
C: \ Programmer \ Fælles filer \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe
C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Programmer \ PrevxCSI \ prevxcsi.exe
C: \ Programmer \ PrevxCSI \ prevxcsi.exe
C: \ WINDOWS \ system32 \ dlcxcoms.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Programmer \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Programmer \ Dell \ QuickSet \ NICCONFIGSVC.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ Programmer \ Intel \ Wireless \ Bin \ RegSrvc.exe
C: \ WINDOWS \ system32 \ rpcnet.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
C: \ Programmer \ Webroot \ Erhverv \ Spy Sweeper \ spysweeper.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Programmer \ Webroot \ Erhverv \ Spy Sweeper \ commagent.exe
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ Programmer \ synspunkt \ synspunkt Manager \ ViewMgr.exe
C: \ WINDOWS \ system32 \ Notepad.exe
C: \ Programmer \ Dell \ QuickSet \ quickset.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.exe
C: \ Programmer \ iTunes \ iTunesHelper.exe
C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ Programmer \ Windows Defender \ MSASCui.exe
C: \ Programmer \ ErrorSmart \ ErrorSmart.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programmer \ America Online 9.0 \ waol.exe
C: \ Programmer \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Programmer \ iPod \ bin \ iPodService.exe
C: \ Programmer \ America Online 9.0 \ shellmon.exe
C: \ Programmer \ Trend Micro \ HijackThis \ HijackThis.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.bridgew.edu/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.bridgew.edu/
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programmer \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: Viewpoint Toolbar BHO - (A7327C09-B521-4EDB-8509-7D2660C9EC98) - C: \ Programmer \ Viewpoint \ Viewpoint Toolbar \ 3.8.0 \ ViewBarBHO.dll
O3 - Toolbar: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Programmer \ AOL Toolbar \ toolbar.dll
O3 - Toolbar: synspunkt Toolbar - (F8AD5AA5-D966-4667-9DAF-2561D68B2012) - C: \ Programmer \ Common Files \ synspunkt \ Toolbar Runtime \ 3.8.0 \ IEViewBar.dll
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [Dell QuickSet] C: \ Programmer \ Dell \ QuickSet \ quickset.exe
O4 - HKLM \ .. \ Run: [NvMediaCenter] rundll32.exe NvMCTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [HPDJ Taskbar Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programmer \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Programmer \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [DLCXCATS] rundll32 C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ DLCXtim e.dll, _RunDLLEntry @ 16
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Programmer \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [ErrorSmart] C: \ Programmer \ ErrorSmart \ ErrorSmart.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [AOL Fast Start] "C: \ Programmer \ America Online 9.0 \ AOL.EXE"-b
O4 - HKUS \ S-1-5-18 \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 -. DEFAULT User Startup: Clean Access Agent.lnk = C: \ Programmer \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe (User 'Default user')
O4 - Startup: Clean Access Agent.lnk = C: \ Programmer \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe
O6 - HKCU \ Software \ Policies \ Microsoft \ Internet Explorer \ Control Panel stede
O8 - Extra sammenhæng menupunktet: & AOL Toolbar søgning - res: / / C: \ Programmer \ AOL Toolbar \ toolbar.dll / SEARCH.HTML
O8 - Extra sammenhæng menupunktet: E & ksporter til Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikroer ~ 2 \ Office11 \ EXCEL.EXE/3000
O8 - Extra context menu item: Abonner i standard RSS-læser - C: \ Documents and Settings \ Administrator \ Application Data \ RssBandit \ iecontext_subscribefeed.htm
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Ekstra knap: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Programmer \ AOL Toolbar \ toolbar.dll
O9 - Extra 'Tools' MENUITEM: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Programmer \ AOL Toolbar \ toolbar.dll
O9 - Ekstra knap: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ mikroer ~ 2 \ Office11 \ REFIEBAR.DLL
O9 - Ekstra knap: Real.com - (CD67F990-D8E9-11d2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Ekstra knap: PokerStars.net - (FA9B9510-9FCB-4ca0-818C-5D0987B47C4D) - C: \ Programmer \ PokerStars.NET \ PokerStarsUpdate.exe
O9 - Ekstra knap: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O15 - Trusted Zone: *. bridgew.edu
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi klasse) -- http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?link...67&clcid=0x409
O16 - DPF: (5e2a3510-4371-11d6-b64c-00c04faedb18) (Oracle JInitiator 1.1.8.18) -- http://frmserv.bridgew.edu/jinitiator/jinit.exe
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://update.microsoft.com/windowsu...?1121111428606
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://update.microsoft.com/microsof...?1121873156643
O16 - DPF: (BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19) (CPlayFirstddfotgControl Object) -- http://aolsvc.aol.com/onlinegames/fr...g.1.0.0.33.cab
O20 - Winlogon Notify:! SASWinLogon - C: \ Programmer \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Programmer \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: AOL Tilslutningsmuligheder Service (AOL ACS) - AOL LLC - C: \ Programmer \ Fælles filer \ AOL \ ACS \ AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C: \ Programmer \ Fælles filer \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Ati Genvejstast Poller - Unknown ejer - C: \ WINDOWS \ System32 \ Ati2evxx.exe
O23 - Service: CSIScanner - Prevx - C: \ Programmer \ PrevxCSI \ prevxcsi.exe
O23 - Service: dlcx_device - - C: \ WINDOWS \ system32 \ dlcxcoms.exe
O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Programmer \ Intel \ Wireless \ Bin \ EvtEng.exe
O23 - Service: InstallDriver Tabel Manager (IDriverT) - Macrovision Corporation - C: \ Programmer \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Programmer \ iPod \ bin \ iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C: \ WINDOWS \ system32 \ LEXBCES.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C: \ Programmer \ Dell \ QuickSet \ NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Programmer \ Intel \ Wireless \ Bin \ RegSrvc.exe
O23 - Service: Remote Procedure Call (RPC) Net (Rpcnet) - Unknown owner - C: \ WINDOWS \ system32 \ rpcnet.exe
O23 - Service: Intel (R) PROSet / Wireless Service (S24EventMonitor) - Intel Corporation - C: \ Programmer \ Intel \ Wireless \ Bin \ S24EvMon.exe
O23 - Service: synspunkt Manager Service - synspunkt Corporation - C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
O23 - Service: Webroot CommAgent Service (WebrootCommAgentService) - Webroot Software, Inc. - C: \ Programmer \ Webroot \ Erhverv \ Spy Sweeper \ commagent.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C: \ Programmer \ Webroot \ Erhverv \ Spy Sweeper \ spysweeper.exe
O23 - Service: Intel (R) PROSet / Wireless SSO Service (WLANKEEPER) - Intel (R) Corporation - C: \ Programmer \ Intel \ Wireless \ Bin \ WLKeeper.exe

--
End of file - 10.298 bytes
  #4  
Old 27 september 2008, 20:37
Redaktør Gruppen
  
Default Iexplore.exe spørgsmål

Deaktiver SpySweeper

Du kan genaktivere det efter du er ren.

Du kan deaktivere SpySweeper:

Åben Spysweeper Klik> Valg over til venstre derefter> Program Valg > Fjern markeringen "belastning på vinduer start"

Over til venstre klik "skjolde" og Fjern markeringen alle der.

Fjern markeringen "Hjemmeside skjold"

 Fjern markeringen "automatisk gendanne standard uden anmeldelse"

Efter alle de rettelser er afsluttet, er det meget vigtigt, at du aktiverer Tidstro Beskyttelse igen.

----------

Deaktiver Windows Defender

Vi er nødt til at deaktivere din Windows Defender Real-time beskyttelse, da det kan interferere med de rettelser, vi skal gøre.
  • Åben Windows Defender
  • Klik på Værktøj, Generelle indstillinger
  • Rul ned, og fjern markeringen Tænd realtid beskyttelse (anbefales)
  • Når du fjerner markeringen ved at klikke på Gemme knappen og lukke Windows Defender.
Efter alle de rettelser er afsluttet, er det meget vigtigt, at du aktiverer Tidstro Beskyttelse igen.

----------

Vi er nødt til at fjerne ErrorSmart. Dette betragtes som et rouge program, fordi det er upålidelige, og ofte gange installeret uden brugerens samtykke.

Gå til Tilføj eller fjern programmer og afinstallere ErrorSmart (hvis det er der)

----------

Åbn HijackThis og vælg Må en systemscanning kun.

Anbringe en markering ved siden af følgende poster: (hvis der)
  • O4 - HKLM \ .. \ Run: [ErrorSmart] C: \ Programmer \ ErrorSmart \ ErrorSmart.exe
Vigtigt: Luk alle vinduer undtagen HijackThis og klik derefter på Fix kontrolleres.

Afslut HijackThis.

----------

Bemærk: nedenstående instruktioner var skabt specielt til denne bruger. Hvis du ikke er denne bruger, MÅ IKKE Følg disse anvisninger, som de kunne skade funktionen af dit system

Gå til Start> Kør og type Notepad.exe klik derefter på OK

Kopier og indsæt nedenfor i Notesblok, og gem som fixme.reg til din Desktop

Code:
REGEDIT4 [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Run] "ErrorSmart" =-
Find fixme.reg på dit skrivebord og dobbeltklik på den. Svar Ja når du bliver bedt om at fusionere med topdomæneadministratoren.

Sørg for, at du fortæller mig, hvis du modtager en succes besked om at tilføje ovenstående
til registreringsdatabasen. Hvis du ikke får en succes besked, gjorde det ikke arbejde.

Slet fixme.reg fra skrivebordet.

----------

Downloade CCleaner Slim og gemme den til dit skrivebord.
Når filen er gemt, skal du gå til dit skrivebord og dobbeltklik på den ccsetupxxx_slim.exe
Følg anvisningerne for at installere programmet.
Fuldføre installationen derefter:
  • Dobbeltklik på CCleaner genvej på skrivebordet for at starte programmet.
  • Klik på Valg blok til venstre, vælg derefter Cookies.
    • Under Cookies til at Slet, Fremhæve eventuelle cookies, du gerne vil beholde permanent
    • Klik på højrepilen > at flytte dem til Cookies til at holde vinduet.
  • Gå ind Valg > Avanceret unkontrollere Kun slette filer i Windows Temp mapper ældre end 48 timer
  • Klik på Renere på venstre derefter Kør Cleaner om retten til at køre programmet.
  • Vigtigt: Sørg for, at ALLE browser vinduer er lukket før udvælgelsen Kør Cleaner
  • Forsigtig: Det anbefales ikke at du bruger 'Registry' funktion, medmindre du er meget fortrolig med registreringsdatabasen.
  • Afslut CCleaner efter at det har afsluttet sit proces.
Genstart computeren og køre mbam derefter sende loggen.

----------

Downloade Malwarebytes' Anti-Malware (MBAM)
  • Dobbeltklik på mbam-setup.exe og følg instruktionerne for at installere programmet.
  • Ved udgangen, skal du sørge for en hak er placeret ud for følgende:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Klik derefter på Udfør.
  • Hvis en opdatering er fundet, vil det at hente og installere den nyeste version.
  • Når programmet er indlæst, skal du vælge Udføre hurtig scanningKlik derefter på Scan.
  • Når scanningen er færdig, skal du klikke på OK, Derefter Vis resultater at se resultaterne.
  • Vær sikker på at alt er markeret, og klik Fjern markering.
  • Når desinfektionen er afsluttet, en log vil åbne i Notesblok, og du kan blive bedt om at genstarte. (Se Ekstra note)
  • Logfilen gemmes automatisk ved MBAM og kan ses ved at klikke på Logs fane i MBAM.
  • Kopier og indsæt hele rapport i dit næste svar.
Ekstra Bemærk: Hvis MBAM støder på en fil, der er vanskelige at fjerne, vil du blive præsenteret med 1 af 2 prompter, klik på OK for at enten og lad MBAM fortsætte med desinfektion processen, hvis bedt om at genstarte computeren, skal du gøre det straks.
__________________
  #5  
Old 27 september 2008, 21:50
Ny Medlem Gruppen
  
Default Iexplore.exe spørgsmål

Jeg fik en succes besked fra registreringsdatabasen.





Malwarebytes' Anti-Malware 1.28
Database version: 1216
Windows 5.1.2600 Service Pack 2

9/28/2008 12:45:51
mbam-log-2008-09-28 (00-45-51). txt

Scan type: Quick Scan
Objekter skannet: 59.369
Tidsforbrug: 10 minut (ter), 46 sekund (s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registreringsdatabasenøgler Inficerede: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(Nr. ondsindede elementer opdaget)

Memory Modules Infected:
(Nr. ondsindede elementer opdaget)

Registreringsdatabasenøgler Inficerede:
(Nr. ondsindede elementer opdaget)

Registry Values Infected:
(Nr. ondsindede elementer opdaget)

Registry Data Items Infected:
(Nr. ondsindede elementer opdaget)

Folders Infected:
(Nr. ondsindede elementer opdaget)

Files Infected:
C: \ WINDOWS \ system32 \ SJv56bM4.exe.a_a (Trojan.Agent) -> Quarantined and deleted successfully.
  #6  
Old 27 september 2008, 21:55
Redaktør Gruppen
  
Default Iexplore.exe spørgsmål

Eventuelle ændringer?
__________________
  #7  
Old 27 september 2008, 22:49
Ny Medlem Gruppen
  
Default Iexplore.exe spørgsmål

Nope, der stadig
  #8  
Old 27 september 2008, 22:56
Redaktør Gruppen
  
Default Iexplore.exe spørgsmål

Må ikke bekymre dig så finder vi det.

Download ComboFix ved Subs fra et af nedenstående links. Vær sikker på toppen gemme den til Desktop.

Link # 1
Link # 2

** Note: Det er vigtigt, at den er gemt direkte til dit skrivebord

Luk alle åbne Internet-browsere. (Firefox, Internet Explorer, osv.), før du begynder ComboFix.

Midlertidigt deaktivere din antivirus, Og enhver antispyware realtid beskyttelse før udførelse af en scanning. Klik på dette link at se en liste over sikkerhedsprogrammer, der skal være slået fra, og hvordan du deaktivere dem.

Dobbeltklik combofix.exe & følg instruktionerne.
Når du er færdig ComboFix vil udarbejde en log for dig.
Post den ComboFix log i dit næste svar.

Vigtigt: Må ikke mouseclick ComboFix vindue mens den kører. Det kan få det til at stå.

Husk at genaktivere dine antivirus-og antispyware beskyttelse, når ComboFix er færdig.
__________________
  #9  
Old 28 september 2008, 08:56
Ny Medlem Gruppen
  
Default Iexplore.exe spørgsmål

ComboFix 08-09-27.05 - Administrator 2008-09-28 11:44:34.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.615 [GMT -4:00]
Kører fra: C: \ Documents and Settings \ Administrator \ Desktop \ ComboFix.exe
* Skabt et nyt gendannelsespunkt

ADVARSEL-maskinen IKKE HAR RECOVERY CONSOLE INSTALLERET!!
.

((((((((((((((((((((((((((((((((((((((( Andre Bortfald ))))))))) ))))))))))))))))))))))))))))))))))))))))
.

C: \ Documents and Settings \ NetworkService \ Cookies \ system @ trafficmp [1]. Txt
C: \ Windows \ System32 \ Drivers \ fad.sys

.
((((((((((((((((((((((((( Files Created fra 2008-08-28 til 2008-09-28 ))))))))))) ))))))))))))))))))))
.

2008-09-28 01:46. 2008-09-28 01:46 0 - a ------ C: \ WINDOWS \ system32 \ SJv56bM4.exe.a_a
2008-09-27 22:45. 2008-09-27 22:45 <DIR> d -------- C: \ WINDOWS \ ERUNT
2008-09-27 22:20. 2008-09-27 23:19 <DIR> d -------- C: \ SDFix
2008-09-27 21:03. 2008-09-27 21:03 <DIR> d -------- C: \ Programmer \ Trend Micro
2008-09-27 20:48. 2008-09-27 20:48 <DIR> d -------- C: \ Documents and Settings \ NetworkService \ Application Data \ AdobeUM
2008-09-27 20:36. 2008-09-27 20:40 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ ErrorSmart
2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Programmer \ Malwarebytes' Anti-Malware
2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Malwarebytes
2008-09-27 19:38. 2008-09-10 00:04 38.528 - a ------ C: \ Windows \ System32 \ Drivers \ mbamswissarmy.sys
2008-09-27 19:38. 2008-09-10 00:03 17.200 - a ------ C: \ Windows \ System32 \ Drivers \ mbam.sys
2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Programmer \ SUPERAntiSpyware
2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Programmer \ Common Files \ Wise Installation Wizard
2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ SUPERAntiSpyware.com
2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ SUPERAntiSpyware.com
2008-09-27 15:13. 2008-09-27 15:13 <DIR> d -------- C: \ Programmer \ CCleaner
2008-09-27 12:35. 2008-09-27 12:35 <DIR> d -------- C: \ Programmer \ PrevxCSI
2008-09-27 12:35. 2008-09-28 11:36 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PrevxCSI
2008-09-27 12:35. 2008-09-27 12:35 17.408 - a ------ C: \ Windows \ System32 \ Drivers \ pxark.sys
2008-09-27 00:48. 2008-09-27 00:47 102.664 - a ------ C: \ Windows \ System32 \ Drivers \ tmcomm.sys
2008-09-27 00:47. 2008-09-27 00:48 <DIR> d -------- C: \ Documents and Settings \ Administrator \. Housecall6.6
2008-09-26 23:23. 2008-09-26 23:22 30.272 - a ------ C: \ WINDOWS \ system32 \0vx55IOc.exe
2008-09-23 19:04. 2008-09-23 22:56 <DIR> d -------- C: \ WINDOWS \ system32 \ CatRoot_bak
2008-09-21 00:19. 2008-09-21 00:19 <DIR> d -------- C: \ Programmer \ Windows Defender
2008-09-12 13:32. 2004-03-29 16:23 90.112 - a ------ C: \ WINDOWS \ unvise32.exe
2008-09-11 12:41. 2008-09-28 11:36 54.156 - ah ----- C: \ Programmer \ QTFont.qfn
2008-09-11 12:41. 2008-09-11 12:41 1.409 - a ------ C: \ WINDOWS \ QTFont.for
2008-09-09 15:33. 2008-09-09 15:56 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ FarmFrenzy2
2008-09-04 13:39. 2008-09-04 13:39 <DIR> d -------- C: \ Programmer \ Atari
2008-09-03 23:06. 2008-06-10 02:32 73.728 - a ------ C: \ WINDOWS \ system32 \ javacpl.cpl
2008-09-01 20:34. 2008-09-01 20:34 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Eyeblaster
2008-08-28 23:11. 2004-08-04 00:56 159.232 - a ------ C: \ WINDOWS \ system32 \ ptpusd.dll
2008-08-28 23:11. 2001-08-17 22:36 5632 - a ------ C: \ WINDOWS \ system32 \ ptpusb.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-28 15:35 31.232 ---- aw C: \ WINDOWS \ system32 \ rpcnet.dll
2008-09-28 15:35 17.408 ---- aw C: \ WINDOWS \ system32 \ Rpcnetp.exe
2008-09-28 03:10 17.408 ---- aw C: \ WINDOWS \ system32 \ rpcnetp.dll
2008-09-28 00:20 --------- d ----- w C: \ Programmer \ RealArcade
2008-09-25 21:30 --------- d ----- w C: \ Programmer \ FTP Commander
2008-09-21 04:33 --------- d ----- w C: \ Programmer \ Common Files \ Adobe
2008-09-11 16:36 --------- d ----- w C: \ Documents and Settings \ Administrator \ Application Data \ uTorrent
2008-09-05 18:19 98.304 ---- aw C: \ WINDOWS \ system32 \ CmdLineExt.dll
2008-09-04 17:39 --------- d - h - w C: \ Programmer \ InstallShield Installation Information
2008-09-04 03:06 --------- d ----- w C: \ Programmer \ Java
2008-08-30 00:32 --------- d ----- w C: \ Programmer \ dl_Cats
2008-08-24 21:28 --------- d ----- w C: \ Documents and Settings \ Administrator \ Application Data \ Flyt Networks
2008-08-24 21:07 --------- d ----- w C: \ Documents and Settings \ Administrator \ Application Data \ Gamelab
2008-07-30 01:59 --------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ FreshGames
2008-07-19 02:10 94.920 ---- aw C: \ WINDOWS \ system32 \ cdm.dll
2008-07-19 02:10 53.448 ---- aw C: \ WINDOWS \ system32 \ wuauclt.exe
2008-07-19 02:10 45.768 ---- aw C: \ WINDOWS \ system32 \ wups2.dll
2008-07-19 02:10 36.552 ---- aw C: \ WINDOWS \ system32 \ wups.dll
2008-07-19 02:09 563.912 ---- aw C: \ WINDOWS \ system32 \ wuapi.dll
2008-07-19 02:09 325.832 ---- aw C: \ WINDOWS \ system32 \ wucltui.dll
2008-07-19 02:09 205.000 ---- aw C: \ WINDOWS \ system32 \ wuweb.dll
2008-07-19 02:09 1.811.656 ---- aw C: \ WINDOWS \ system32 \ wuaueng.dll
2008-07-19 02:07 270.880 ---- aw C: \ WINDOWS \ system32 \ mucltui.dll
2008-07-19 02:07 210.976 ---- aw C: \ WINDOWS \ system32 \ muweb.dll
2008-07-07 20:32 253.952 ---- aw C: \ WINDOWS \ system32 \ es.dll
2007-10-02 01:01 60.968 ---- aw C: \ Documents and Settings \ Administrator \ GoToAssistDownloadHelper.ex e
2007-01-13 12:49 774.144 ---- aw C: \ Programmer \ RngInterstitial.dll
2007-08-10 19:03 6.275.816 ---- aw C: \ Programmer \ Mozilla Firefox \ plugins \ ScorchPDFWrapper.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & legit default entries er ikke vist
REGEDIT4

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"Ctfmon.exe" = "C: \ WINDOWS \ system32 \ Ctfmon.exe" [2004-08-04 15360]
"AOL Fast Start" = "C: \ Programmer \ America Online 9.0 \ AOL.EXE" [2005-07-12 50776]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"NvCplDaemon" = "C: \ WINDOWS \ system32 \ NvCpl.dll" [2007-04-28 8429568]
"Dell QuickSet" = "C: \ Programmer \ Dell \ QuickSet \ quickset.exe" [2007-07-20 1228800]
"HPDJ Proceslinje Utility" = "C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb03.exe" [2001-06-12 200704]
"QuickTime Task" = "C: \ Programmer \ QuickTime \ qttask.exe" [2008-01-10 385024]
"iTunesHelper" = "C: \ Programmer \ iTunes \ iTunesHelper.exe" [2008-01-15 267048]
"DLCXCATS" = "C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X 86 \ 3 \ DLCXtime.dll" [2006-10-16 106496]
"SunJavaUpdateSched" = "C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ jusched.exe" [2008-06-10 144784]
"NvMediaCenter" = "NvMCTray.dll" [2007-04-28 C: \ WINDOWS \ system32 \ nvmctray.dll]

[HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ RunOnce]
"RunNarrator" = "Narrator.exe" [2004-08-04 C: \ WINDOWS \ system32 \ narrator.exe]

C: \ Documents and Settings \ Administrator \ Menuen Start \ Programmer \ Start \
Clean Access Agent.lnk - C: \ Programmer \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe [2007-06-28 2056266]

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ policies \ Explorer]
"NoSMBalloonTip" = 1 (0x1)
"NoAutoTrayNotify" = 1 (0x1)

[HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ valu rentversion \ policies \ Explorer]
"NoActiveDesktopChanges" = 0 (0x0)

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entversion \ Explorer \ ShellExecuteHooks]
"(5AE067D3-9AFB, 48E0-853A-EBB7F4A000DA)" = "C: \ Programmer \ SUPERAntiSpyware \ SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ anmelde \! SASWinLogon]
2008-07-23 16:28 352256 C: \ Programmer \ SUPERAntiSpyware \ SASWINLO.dll

[HKLM \ ~ \ startupfolder \ C: ^ Documents and Settings ^ Administrator ^ Start Menu ^ Programs ^ Startup ^ Adobe Gamma.lnk]
path = C: \ Documents and Settings \ Administrator \ Menuen Start \ Programmer \ Start \ Adobe Gamma.lnk
backup = C: \ WINDOWS \ PSS \ Adobe Gamma.lnkStartup

[HKLM \ ~ \ startupfolder \ C: ^ Documents and Settings ^ All Users ^ Start Menu ^ Programs ^ Startup ^ Adobe Reader Speed Launch.lnk]
path = C: \ Documents and Settings \ All Users \ Menuen Start \ Programmer \ Start \ Adobe Reader Speed Launch.lnk
backup = C: \ WINDOWS \ PSS \ Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ AOLDialer]
-ra ------ 2006-10-23 08:50 71216 C: \ Programmer \ Fælles filer \ AOL \ ACS \ AOLDial.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Apoint]
- a ------ 2003-08-20 20:24 151552 C: \ Programmer \ Apoint \ Apoint.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Ctfmon.exe]
- a ------ 2004-08-04 00:56 15360 C: \ WINDOWS \ system32 \ Ctfmon.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ HostManager]
- a ------ 2006-09-25 20:52 50736 C: \ Programmer \ Fælles filer \ AOL \ 1155864818 \ EE \ aolsoftware.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ igfxhkcmd]
- a ------ 2006-07-14 18:04 77824 C: \ WINDOWS \ system32 \ hkcmd.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ igfxpers]
- a ------ 2006-07-14 18:08 118784 C: \ WINDOWS \ system32 \ igfxpers.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ igfxtray]
- a ------ 2006-07-14 18:07 94208 C: \ WINDOWS \ system32 \ igfxtray.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ IntelWireless]
- a ------ 2006-08-02 01:32 696320 C: \ Programmer \ Intel \ Wireless \ Bin \ iFrmewrk.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ IntelZeroConfig]
- a ------ 2006-08-02 01:38 802816 C: \ Programmer \ Intel \ Wireless \ Bin \ ZCfgSvc.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ iTunesHelper]
- a ------ 2008-01-15 04:22 267048 C: \ Programmer \ iTunes \ iTunesHelper.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ MSMSGS]
- ah ----- 2004-10-13 12:24 1694208 C: \ Programmer \ Messenger \ msmsgs.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvCplDaemon]
- a ------ 2007-04-28 19:05 8429568 C: \ WINDOWS \ system32 \ nvcpl.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvMediaCenter]
- a ------ 2007-04-28 19:05 81920 C: \ WINDOWS \ system32 \ nvmctray.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ QuickTime Task]
- a ------ 2008-01-10 16:27 385024 C: \ Programmer \ QuickTime \ QTTask.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ RealTray]
- a ------ 2006-08-17 21:34 26112 C: \ Programmer \ Real \ RealPlayer \ realplay.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SunJavaUpdateSched]
- a ------ 2006-12-15 04:23 75520 C: \ Programmer \ Java \ jre1.5.0_11 \ bin \ jusched.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ WMPNSCFG]
--------- 2006-10-18 20:05 204288 C: \ Programmer \ Windows Media Player \ wmpnscfg.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NVHotkey]
- a ------ 2007-04-28 19:05 67584 C: \ WINDOWS \ system32 \ nvhotkey.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ nwiz]
- a ------ 2007-04-28 19:05 1626112 C: \ WINDOWS \ system32 \ nwiz.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SigmatelSysTrayApp]
- a - c --- 2005-11-16 15:35 397312 C: \ WINDOWS \ stsystra.exe

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List]
"% windir% \ \ system32 \ \ sessmgr.exe" =
"C: \ \ Programmer \ \ RssBandit \ \ RSSBandit.exe" =
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe" =
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe" =
"C: \ \ Programmer \ \ America Online 9.0 \ \ waol.exe" =
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltsmon.exe" =
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltpspd.exe" =
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost.exe" =
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe" =
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ AOL Spywarebeskyttelse \ \ AOLSP Scheduler.exe" =
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ AOL Spywarebeskyttelse \ \ Asp.exe" =
"C: \ \ Programmer \ \ Common Files \ \ AolCoach \ \ en_en \ \ Player \ \ AOLNySEV.exe" =
"C: \ \ Programmer \ \ FTP Commander \ \ ftpcomm.exe" =
"C: \ \ Programmer \ \ Real \ \ RealPlayer \ \ realplay.exe" =
"C: \ \ StubInstaller.exe" =
"C: \ \ Programmer \ \ SmartFTP Client 2.0 \ \ SmartFTP.exe" =
"C: \ \ Programmer \ \ BitTornado \ \ btdownloadgui.exe" =
"C: \ \ Programmer \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware.exe" =
"C: \ \ Programmer \ \ Mozilla Firefox \ \ firefox.exe" =
"C: \ \ Programmer \ \ BitZip \ \ bitzip.exe" =
"C: \ \ Programmer \ \ uTorrent \ \ uTorrent.exe" =
"C: \ \ Programmer \ \ iTunes \ \ iTunes.exe" =
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"C: \ \ WINDOWS \ \ system32 \ \ dlcxcoms.exe" =

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ GloballyOpenPorts \ List]
"50001: TCP" = 50001: TCP: webroots
"50002: TCP" = 50002: TCP: webroots2
"3389: TCP" = 3389: TCP: @ Xpsp2res.dll, -22009

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ IcmpSettings]
"AllowInboundEchoRequest" = 1 (0x1)

R0 a320raid; a320raid; C: \ Windows \ System32 \ Drivers \ A320 raid.sys [2006-04-04 251578]
R0 pxark; pxark; C: \ Windows \ System32 \ Drivers \ pxark.sys [2008-09-27 17408]
R1 SAVOnAccess Control; SAVOnAccess Control; C: \ Windows \ System32 \ Drivers \ savonaccesscon trol.sys [2006-04-14 80128]
R1 SAVOnAccess Filter; SAVOnAccess Filter; C: \ Windows \ System32 \ Drivers \ savonaccessfilt er.sys [2006-04-14 24064]
R2 CSIScanner; CSIScanner; C: \ Programmer \ PrevxCSI \ prevxcsi.exe [2008-09-27 618040]
R2 dlcx_device; dlcx_device; C: \ WINDOWS \ system32 \ dlcxco ms.exe [2006-11-03 537480]
R2 synspunkt Manager Service; synspunkt Manager Service; C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe [2007-01-04 24652]
S2 ousbehci; NEC PCI til USB Enhanced Host Controller; C: \ Windows \ System32 \ Drivers \ ousbehci.sy s [2003-08-01 41600]
S3 GTIPCI21; GTIPCI21; C: \ Windows \ System32 \ Drivers \ gtip ci21.sys [2004-05-03 80384]
S3 NWADI; NWADI Bus Enumerator; C: \ Windows \ System32 \ Drivers \ NWADIenum.s ys [2005-12-09 67840]
S3 ousb2hub; OrangeWare USB 2.0 Root Hub Support; C: \ Windows \ System32 \ Drivers \ ousb2hub.sys [2003-08-01 55552]
S3 whfltr2k; WheelMouse USB Lower Filter Driver; C: \ Windows \ System32 \ Drivers \ whfltr2k.sys [2007-01-25 6784]
S3 whmice2k; Advanced Wheel Mouse Upper Filter Driver; C: \ Windows \ System32 \ Drivers \ whmice2k.sys [2004-04-25 6885]

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ explorer \ mountpoints2 \ D]
\ Shell \ AutoRun \ command - D: \ autorun.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ explorer \ mountpoints2 \ (64d8acf2-5f84-11db-b756-00038a000015)]
\ Shell \ AutoRun \ command - E: \ Installer.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ explorer \ mountpoints2 \ (7aebf132-2e3f-11db-b6e0-0015c547091a)]
\ Shell \ AutoRun \ command - E: \ wd_windows_tools \ setup.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ explorer \ mountpoints2 \ (c4f3f4e1-2c11-11d9-8305-806d6172696f)]
\ Shell \ AutoRun \ command - D: \ Programmer \ nu2menu \ nu2menu.exe

* Nyoprettede Service * - PROCEXP90
.
Indhold af "Planlagte opgaver" mappe
.
- - - - Forældreløse FJERNES - - - --

MSConfigStartUp-AVG Anti-Spyware - C: \ Programmer \ Grisoft \ AVG Anti-Spyware 7.5 \ avgas.exe
MSConfigStartUp-DVDLauncher - C: \ Programmer \ CyberLink \ PowerDVD \ DVDLauncher.exe
MSConfigStartUp-SpySweeperEnterprise - C: \ Programmer \ Webroot \ Erhverv \ Spy Sweeper \ SpySweeperUI.exe
MSConfigStartUp-SpysweeperUI - C: \ Programmer \ Webroot \ Erhverv \ Spy Sweeper \ SpySweeperUI.exe
MSConfigStartUp-UpdateManager - C: \ Programmer \ Common Files \ Sonic \ Update Manager \ sgtray.exe


.
------- Supplerende Scan -------
.
FireFox -: Profile - C: \ Documents and Settings \ Administrator \ Application Data \ Mozilla \ Firefox \ Profiles \ dlc1hobz.default \
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp: / / www.broadway.com/
FF -: plugin - C: \ Documents and Settings \ Administrator \ Application Data \ Mozilla \ Firefox \ Profiles \ dlc1hobz.default \ ext ensions \ npmozax@real.com \ plugins \ npmozax.dll
FF -: plugin - C: \ Programmer \ Adobe \ Acrobat 7.0 \ Reader \ browser \ nppdf32.dll
FF -: plugin - C: \ Programmer \ iTunes \ Mozilla Plugins \ npitunes.dll
FF -: plugin - C: \ Programmer \ Mozilla Firefox \ plugins \ npagent.dll
FF -: plugin - C: \ Programmer \ Mozilla Firefox \ plugins \ npmozax.dll
FF -: plugin - C: \ Programmer \ Mozilla Firefox \ plugins \ npmusicn.dll
FF -: plugin - C: \ Programmer \ Mozilla Firefox \ plugins \ npracplug.dll
FF -: plugin - C: \ Programmer \ Mozilla Firefox \ plugins \ nptgeqplugin.dll
FF -: plugin - C: \ Programmer \ Mozilla Firefox \ plugins \ npunagi2.dll
FF -: plugin - C: \ Programmer \ Real \ RealArcade \ Plugins \ Mozilla \ npracplug.dl l
FF -: plugin - C: \ Programmer \ Viewpoint \ Viewpoint Oplev Technology \ npViewpoint.dll
.

************************************************** ************************

catchme 0.3.1361 W2K/XP/Vista - rootkit / stealth malware detector ved Gmer, http://www.gmer.net
Rootkit scan 2008-09-28 11:48:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning skjulte processer ...

scanning skjulte autostart entries ...

HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
DLCXCATS = rundll32 C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ DLCXtim e.dll, _RunDLLEntry @ 16 ???????????????????????? ????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? ??????????????????????????????????????????????????

scanning skjulte filer ...

scanning afsluttet med succes
skjulte filer: 0

************************************************** ************************
.
--------------------- DLL'er Loaded Under Running Processes ---------------------

PROCESS: C: \ WINDOWS \ system32 \ Winlogon.exe
-> C: \ WINDOWS \ system32 \ Ati2evxx.dll
.
Completion time: 2008-09-28 11:50:56
ComboFix-quarantined-files.txt 2008-09-28 15:50:52

Pre-Run: 25918537728 bytes fri
Post-Run: 25986658304 bytes fri

255 --- EOF --- 2008-09-26 12:22:29
  #10  
Old 28 september 2008, 10:25
Redaktør Gruppen
  
Default Iexplore.exe spørgsmål

Bemærk: nedenstående instruktioner var skabt specielt til denne bruger. Hvis du ikke er denne bruger, MÅ IKKE Følg disse anvisninger, som de kunne skade funktionen af dit system

Slet disse filer / mapper, som følger:

1. Gå til Start > Løbe > Type Notepad.exe og klik OK at åbne Notesblok.
Det skal være Notesblok ikke WordPad.
2. Kopier teksten i nedenstående kode boksen ved at markere al teksten og trykke på Ctrl + C

Code:
Killall:: File:: C: \ WINDOWS \ system32 \ SJv56bM4.exe.a_a C: \ WINDOWS \ system32 \ 0vx55IOc.exe Folder:: C: \ Documents and Settings \ Administrator \ Application Data \ ErrorSmart
3. Gå til Notesblok-vinduet, og klik Redigér > Paste
4. Klik derefter på Fil > Gemme
5. Navngiv filen CFScript.txt - Gem filen på dit skrivebord
6. Derefter trække CFScript (hold venstre museknap nede, samtidig med at trække filen) og slippe det (release venstre museknap) i ComboFix.exe som du kan se i skærmbilledet nedenunder. Vigtigt: Udfør denne instruktion omhyggeligt!



ComboFix vil begynde at udføre, skal du blot følge instruktionerne.
Efter genstart (når den beder om at genstarte), den vil udarbejde en log for dig.
Post, at log (Combofix.txt) i dit næste svar.

Bemærk: Må ikke mouseclick ComboFix vindue mens den kører. Det kan forårsage dit system til at fryse
__________________
Reply
Side 1 af 2 1 2

Register

Bogmærker

Lignende Tråde
Tråd Thread Starter Forum Svar Last Post
Iexplore.exe electra369 Virus, Spyware & Sikkerhed 1 12 januar 2009 00:16
Winzix adware iexplore.exe spørgsmål. Please help! winzix idiot Virus, Spyware & Sikkerhed 35 18th Dec 2008 16:47
Iexplore.exe # 3 jman8700 Virus, Spyware & Sikkerhed 8 29. maj 2008 10:39
En anden iexplore>. < forstand Virus, Spyware & Sikkerhed 20 18 januar 2008 08:15
Iexplore.exe rsteenoven Virus, Spyware & Sikkerhed 19 16 januar 2008 14:02
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Computer Juice.
Kontakt -- Privacy -- Sitemap -- Top

Annoncenetværk baseret på bytteøkonomi ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd SEO ved vBSEO © 2009, websteds egnethed til webcrawling, Inc.