
Trojan horse




#1
25 March 2008, 08:58
New Member group

Hi,

I have a problem with a Trojan horse.
Warning message:
'C:\Windows\system32\crypt32n.dll Trojan horse BHO.CVX'

I have run AVG, and it identifies the file and moves it to the vault, but on reboot it is there again.
I have tried to delete the file in Windows, which failed.
I tried to rename it in Windows (with a view to deleting it), which failed.
I have tried to go back and restore my PC, but I cannot go back further than the start of the month, and I have had it since before Christmas.
My PC seems to be OK, but I am still worried that I have a virus!

Is there anything I can do?
Help much appreciated.

Regards,

Ian A
#2
25 March 2008, 10:47
Editor group

Welcome to CJ.

Download and rename HijackThis (HJT)
  • Double-click HJTInstall.
  • Click the Install button.
  • It will automatically place HJT in C:\Programmer\TrendMicro\HijackThis\HijackThis.exe.
  • After installing, HijackThis should open for you.
    • Close HijackThis and rename it.
    • Go to C:\Programmer\Trend Micro\HijackThis.exe
    • Right-click HijackThis.exe and choose Rename.
    • Type sniper.exe and press Enter.
    • Right-click sniper.exe and choose Send To > Desktop (create shortcut)
  • From the desktop, open HijackThis.
  • If you are using Windows Vista, right-click it and choose Run as administrator.
  • Click the Do a system scan and save a logfile button.
  • HijackThis will scan, and then a log will open in Notepad.
  • Copy and then paste the entire contents of the log into your post.
    • Do not have HijackThis fix anything yet. Most of what it finds is harmless or even required.
Even though we have renamed HijackThis to sniper, we will still refer to it as HijackThis or HJT.

#3
25 March 2008, 14:33
New Member group

Hi Evil Fantansy

I tried at the beginning of the month; here is the log.

Hope it means something to you.

My fingers are crossed.

Ta, Ian A

StartupList rapport, 05/03/2008, 14:49:42
StartupList version: 1.52.2
Started from: C: \ Documents and Settings \ IANA \ Desktop \ HijackThis.EXE
Detekterede funktioner: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v7.00 (7.00.6000.16608)
* Brug af standard-indstillinger
* Inklusive tom og uinteressant sektioner
* Vises sjældent vigtige sektioner
==========================================
Kørende processer:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ brsvc01a.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ WINDOWS \ system32 \ brss01a.exe
C: \ Programmer \ Grisoft \ AVG Anti-Spyware 7.5 \ guard.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ Programmer \ TOSHIBA \ ConfigFree \ CFSvcs.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Programmer \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Programmer \ Toshiba \ Windows Utilities \ Hotkey.exe
C: \ WINDOWS \ system32 \ TPSMain.exe
C: \ Programmer \ Synaptics \ SynTP \ Toshiba.exe
C: \ Programmer \ TOSHIBA \ ConfigFree \ NDSTray.exe
C: \ WINDOWS \ system32 \ TPSBattM.exe
C: \ Programmer \ TOSHIBA \ TOSHIBA Zooming Utility \ SmoothView.exe
C: \ Programmer \ TOSHIBA \ Touch og Launch \ PadExe.exe
C: \ WINDOWS \ System32 \ DLA \ DLACTRLW.EXE
C: \ Programmer \ TOSHIBA \ ConfigFree \ CFSServ.exe
C: \ Programmer \ Atheros \ ACU.exe
C: \ Programmer \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Programmer \ QuickTime \ qttask.exe
C: \ Programmer \ Grisoft \ AVG Anti-Spyware 7.5 \ avgas.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ Programmer \ TOSHIBA \ ConfigFree \ CFXFER.exe
C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ Programmer \ ScanSoft \ OmniPageSE2.0 \ OpwareSE2.exe
C: \ Programmer \ TOSHIBA \ TOSCDSPD \ toscdspd.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programmer \ Messenger \ msmsgs.exe
C: \ Programmer \ FinePixViewer \ QuickDCF.exe
C: \ Documents and Settings \ IANA \ Desktop \ HijackThis.exe
--------------------------------------------------
Notering af startprocessen mapper:
Shell mapper Start:
[C: \ Documents and Settings \ IANA \ Menuen Start \ Programmer \ Start]
* Ingen filer *
Shell mapper AltStartup:
* Folder not found *
User Shell Folders Startup:
* Folder not found *
User Shell Folders AltStartup:
* Folder not found *
Shell mapper fælles Startup:
[C: \ Documents and Settings \ All Users \ Menuen Start \ Programmer \ Start]
Exif Launcher.lnk = C: \ Programmer \ FinePixViewer \ QuickDCF.exe
Microsoft Office.lnk = C: \ Programmer \ Microsoft Office \ Office \ OSA9.EXE
Shell mapper fælles AltStartup:
* Folder not found *
User Shell Folders fælles Startup:
* Folder not found *
User Shell Folders Alternate fælles Startup:
* Folder not found *
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon]
UserInit = C: \ WINDOWS \ system32 \ userinit.exe,
[HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Win logon]
* Registreringsnøgle ikke fundet *
[HKCU \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon]
* Værdi i registreringsdatabasen ikke fundet *
[HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Win logon]
* Registreringsnøgle ikke fundet *
--------------------------------------------------
Autorun poster fra registreringsdatabasen:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
SynTPEnh = C: \ Programmer \ Synaptics \ SynTP \ SynTPEnh.exe
Toshiba Genvejstast Utility = "C: \ Programmer \ Toshiba \ Windows Utilities \ Hotkey.exe" / lang da
TPSMain = TPSMain.exe
NDSTray.exe = NDSTray.exe
SmoothView = C: \ Programmer \ TOSHIBA \ TOSHIBA Zooming Utility \ SmoothView.exe
PadTouch = C: \ Programmer \ TOSHIBA \ Touch og Launch \ PadExe.exe
DLA = C: \ WINDOWS \ System32 \ DLA \ DLACTRLW.EXE
CFSServ.exe = CFSServ.exe-NoClient
REGSHAVE = C: \ Programmer \ REGSHAVE \ REGSHAVE.EXE / AutoRun
ACU = "C: \ Programmer \ Atheros \ ACU.exe"-nogui
TkBellExe = "C: \ Programmer \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
QuickTime Task = "C: \ Programmer \ QuickTime \ qttask.exe"-atboottime
! AVG anti-spyware = "C: \ Programmer \ Grisoft \ AVG Anti-Spyware 7.5 \ avgas.exe" / minimeret
AVG7_CC = C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / START
SunJavaUpdateSched = "C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
Salestart = "C: \ Programmer \ Common Files \ AVSystemCare \ bm.exe" dm = http://avsystemcare.com; ad = http://avsystemcare.com
Adobe Reader Speed Launcher = "C: \ Programmer \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
OpwareSE2 = "C: \ Programmer \ ScanSoft \ OmniPageSE2.0 \ OpwareSE2.exe"
OPSE påmindelse = "C: \ Programmer \ ScanSoft \ OmniPageSE2.0 \ EregEng \ Ereg.exe"-r "C: \ Programmer \ ScanSoft \ OmniPageSE2.0 \ EregEng \ ereg.ini"
--------------------------------------------------
Autorun poster fra registreringsdatabasen:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Når
* Ingen værdier fundet *
--------------------------------------------------
Autorun poster fra registreringsdatabasen:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run OnceEx
* Ingen værdier fundet *
--------------------------------------------------
Autorun poster fra registreringsdatabasen:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Services
* Ingen værdier fundet *
--------------------------------------------------
Autorun poster fra registreringsdatabasen:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run ServicesOnce
* Ingen værdier fundet *
--------------------------------------------------
Autorun poster fra registreringsdatabasen:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
TOSCDSPD = C: \ Programmer \ TOSHIBA \ TOSCDSPD \ toscdspd.exe
Ctfmon.exe = C: \ WINDOWS \ system32 \ Ctfmon.exe
PnPUI Registrator = C: \ Programmer \ Common Files \ Sitecom Shared \ PnP Universal Installer \ PnPUIReg.exe-s
MSMSGS = "C: \ Programmer \ Messenger \ msmsgs.exe" / baggrund
--------------------------------------------------
Autorun poster fra registreringsdatabasen:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Når
* Ingen værdier fundet *
--------------------------------------------------
Autorun poster fra registreringsdatabasen:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run OnceEx
* Ingen værdier fundet *
--------------------------------------------------
Autorun poster fra registreringsdatabasen:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Services
* Ingen værdier fundet *
--------------------------------------------------
Autorun poster fra registreringsdatabasen:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run ServicesOnce
* Ingen værdier fundet *
--------------------------------------------------
Autorun poster fra registreringsdatabasen:
HKLM \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Run
* Registreringsnøgle ikke fundet *
--------------------------------------------------
Autorun poster fra registreringsdatabasen:
HKCU \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Run
* Registreringsnøgle ikke fundet *
--------------------------------------------------
Autorun poster i undernøgler i registreringsdatabasen for:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
[OptionalComponents]
=
--------------------------------------------------
Autorun poster i undernøgler i registreringsdatabasen for:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Når
[Setup]
* Ingen værdier fundet *
--------------------------------------------------
Autorun poster i undernøgler i registreringsdatabasen for:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run OnceEx
* Ingen undernøgler fundet *
--------------------------------------------------
Autorun poster i undernøgler i registreringsdatabasen for:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Services
* Ingen undernøgler fundet *
--------------------------------------------------
Autorun poster i undernøgler i registreringsdatabasen for:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run ServicesOnce
* Ingen undernøgler fundet *
--------------------------------------------------
Autorun poster i undernøgler i registreringsdatabasen for:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
* Ingen undernøgler fundet *
--------------------------------------------------
Autorun poster i undernøgler i registreringsdatabasen for:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Når
[Setup]
* Ingen værdier fundet *
--------------------------------------------------
Autorun poster i undernøgler i registreringsdatabasen for:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run OnceEx
* Ingen undernøgler fundet *
--------------------------------------------------
Autorun poster i undernøgler i registreringsdatabasen for:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Services
* Ingen undernøgler fundet *
--------------------------------------------------
Autorun poster i undernøgler i registreringsdatabasen for:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run ServicesOnce
* Ingen undernøgler fundet *
--------------------------------------------------
Autorun poster i undernøgler i registreringsdatabasen for:
HKLM \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Run
* Registreringsnøgle ikke fundet *
--------------------------------------------------
Autorun poster i undernøgler i registreringsdatabasen for:
HKCU \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Run
* Registreringsnøgle ikke fundet *
--------------------------------------------------
Filtilknytningen henfoersel. EXE:
HKEY_CLASSES_ROOT \ exefile \ Shell \ Open \ Command
(Default) = "% 1"% *
--------------------------------------------------
Filtilknytningen indrejse til. Com:
HKEY_CLASSES_ROOT \ comfile \ Shell \ Open \ Command
(Default) = "% 1"% *
--------------------------------------------------
Filtilknytningen henfoersel. BAT:
HKEY_CLASSES_ROOT \ batfile \ Shell \ Open \ Command
(Default) = "% 1"% *
--------------------------------------------------
Filtilknytningen henfoersel. BFI:
HKEY_CLASSES_ROOT \ piffile \ Shell \ Open \ Command
(Default) = "% 1"% *
--------------------------------------------------
Filtilknytningen henfoersel. SCR:
HKEY_CLASSES_ROOT \ scrfile \ Shell \ Open \ Command
(Default) = "% 1" / S
--------------------------------------------------
Filtilknytningen henfoersel. HTA:
HKEY_CLASSES_ROOT \ htafile \ Shell \ Open \ Command
(Default) = C: \ WINDOWS \ system32 \ Mshta.exe "% 1"% *
--------------------------------------------------
Filtilknytningen henfoersel. TXT:
HKEY_CLASSES_ROOT \ NetLog.Document \ shell \ open \ komma nd
(Default) = C: \ EPICOM ~ 1.02 \ EPICom2.02 \ EPICOM ~ 1.EXE / DDE
--------------------------------------------------
Opregner Active Setup stub paths:
HKLM \ Software \ Microsoft \ Active Setup \ Installed Components
(* = Deaktiveret af HKCU twin)
[<(12d0ed0d-0ee0-4f90-8827-78cefb8f4988)] *
StubPath = C: \ WINDOWS \ system32 \ ieudinit.exe
[> (22d6f312-b0f6-11d0-94ab-0080c74c7e95)]
StubPath = C: \ Windows \ Inf \ unregmp2.exe / ShowWMP
[> (26923b43-4d38-484f-9b9e-de460746276c)] *
StubPath = C: \ WINDOWS \ system32 \ ie4uinit.exe-UserIconConfig
[> (881dd1c5-3dcf-431b-b061-f3f88e8be88a)] *
StubPath =% systemroot% \ system32 \ shmgrate.exe OCInstallUserConfigOE
[(2C7339CF-2B09-4501-B3F3-F3508C9228ED)] *
StubPath =% SystemRoot% \ system32 \ regsvr32.exe / s / n / i: / UserInstall% SystemRoot% \ system32 \ themeui.dll
[(44BBA840-CC51-11CF-AAFA-00AA00B6015C)] *
StubPath = "% ProgramFiles% \ Outlook Express \ setup50.exe" / APP: OE / OPKALD: WINNT / user / install
[(7790769C-0471-11d2-AF11-00C04FA35D02)] *
StubPath = "% ProgramFiles% \ Outlook Express \ setup50.exe" / APP: WAB / OPKALD: WINNT / user / install
[(89820200-ECBD-11cf-8B85-00AA005B4340)] *
StubPath = regsvr32.exe / s / n / i: U shell32.dll
[(89820200-ECBD-11cf-8B85-00AA005B4383)] *
StubPath = C: \ WINDOWS \ system32 \ ie4uinit.exe-BaseSettings
--------------------------------------------------
Opregner ICQ Agent Autostart apps:
HKCU \ Software \ mirabilis \ ICQ \ Agent \ Apps
* Registreringsnøgle ikke fundet *
--------------------------------------------------
Belastning / Run nøgler fra C: \ WINDOWS \ Win.ini:
belastning =* INI afsnittet ikke fundet *
run =* INI afsnittet ikke fundet *
Belastning / Run nøgler fra registreringsdatabasen:
HKLM \ .. \ Windows NT \ CurrentVersion \ Winlogon: belastning =* Registry værdi ikke fundet *
HKLM \ .. \ Windows NT \ CurrentVersion \ WinLogon: run =* Registry værdi ikke fundet *
HKLM \ .. \ Windows \ CurrentVersion \ Winlogon: belastning =* Registry Key ikke fundet *
HKLM \ .. \ Windows \ CurrentVersion \ WinLogon: run =* Registry Key ikke fundet *
HKCU \ .. \ Windows NT \ CurrentVersion \ Winlogon: belastning =* Registry værdi ikke fundet *
HKCU \ .. \ Windows NT \ CurrentVersion \ WinLogon: run =* Registry værdi ikke fundet *
HKCU \ .. \ Windows \ CurrentVersion \ Winlogon: belastning =* Registry Key ikke fundet *
HKCU \ .. \ Windows \ CurrentVersion \ WinLogon: run =* Registry Key ikke fundet *
HKCU \ .. \ Windows NT \ CurrentVersion \ Windows: belastning =
HKCU \ .. \ Windows NT \ CurrentVersion \ Windows: run =* Registry værdi ikke fundet *
HKLM \ .. \ Windows NT \ CurrentVersion \ Windows: belastning =* Registry værdi ikke fundet *
HKLM \ .. \ Windows NT \ CurrentVersion \ Windows: run =* Registry værdi ikke fundet *
HKLM \ .. \ Windows NT \ CurrentVersion \ Windows: AppInit_DLLs =
--------------------------------------------------
Shell & screensaver key fra C: \ Windows \ System.ini:
Shell =* INI afsnittet ikke fundet *
SCRNSAVE.EXE =* INI afsnittet ikke fundet *
drivers =* INI afsnittet ikke fundet *
Shell & screensaver nøglen fra registreringsdatabasen:
Shell = Explorer.exe
SCRNSAVE.EXE = C: \ WINDOWS \ system32 \ logon.scr
drivers =* Registry værdi ikke fundet *
Politikker Shell nøgle:
HKCU \ .. \ Policies: Shell =* Registry værdi ikke fundet *
HKLM \ .. \ Policies: Shell =* Registry værdi ikke fundet *
--------------------------------------------------
Kontrol for Explorer.EXE tilfælde:
C: \ WINDOWS \ Explorer.exe: PRESENT!
C: \ Explorer.exe: ikke til stede
C: \ WINDOWS \ Explorer \ Explorer.exe: ikke til stede
C: \ Windows \ System \ Explorer.exe: ikke til stede
C: \ WINDOWS \ System32 \ Explorer.exe: ikke til stede
C: \ WINDOWS \ Command \ Explorer.exe: ikke til stede
C: \ WINDOWS \ Fonts \ Explorer.exe: ikke til stede
--------------------------------------------------
Kontrol for superhidden extensions:
. lnk: HIDDEN! (pilen overlay: ja)
. pif: HIDDEN! (pilen overlay: ja)
. exe: ikke skjult
. com: ikke skjult
. bat: ikke skjult
. hta: ikke skjult
. scr: ikke skjult
. shs: HIDDEN!
. shb: HIDDEN!
. vbs: ikke skjult
. vbe: ikke skjult
. wsh: ikke skjult
. scf: HIDDEN! (arrow overlay: NO!)
. url: HIDDEN! (pilen overlay: ja)
. js: ikke skjult
. jse: ikke skjult
--------------------------------------------------
Bekræftelse REGEDIT.EXE integritet:
- Regedit.exe findes i C: \ WINDOWS
-. Reg åbne kommando er normal (regedit.exe% 1)
- Firmanavn OK: 'Microsoft Corporation «
- Original filename OK: 'REGEDIT.EXE'
- File description: 'Registreringseditor'
Registry check bestået
--------------------------------------------------
Opregner Browser Helper Objects:
(intet navn) - C: \ Windows \ system32 \ athcfg11c.dll (filen mangler) - (51610169-C280-4F36-84AB-82D92ED1F68B)
(intet navn) - C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ ssv.dll - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43)
(intet navn) - c: \ program files \ google \ googletoolbar1.dll - (AA58ED58-01DD-4d91-8333-CF10577473F7)
(intet navn) - C: \ WINDOWS \ system32 \ crypt32n.dll - (EA389261-1100-451F-8582-815CAB488AE6)
--------------------------------------------------
Opregner Task Scheduler jobs:
AppleSoftwareUpdate.job
At1.job
Norton Security Scan.job
RegCure Program Check.job
RegCure.job
--------------------------------------------------
Opregner Download Program Files:
[Microsoft XML Parser for Java]
CODEBASE = file: / / / C: / WINDOWS / Java / klasser / xmldso.cab
OSD = C: \ WINDOWS \ Downloaded Program Files \ Microsoft XML Parser for Java.osd
[iPIX ActiveX Control]
InprocServer32 = C: \ WINDOWS \ DOWNLO ~ 1 \ ipixx.ocx
CODEBASE = http://www.ipix.com/download/ipixx.cab
[Shockwave ActiveX Control]
InprocServer32 = C: \ WINDOWS \ system32 \ Macromed \ Director \ SwDir.dll
CODEBASE = http://fpdownload.macromedia.com/get...irector/sw.cab
[MUWebControl Class]
InprocServer32 = C: \ WINDOWS \ system32 \ muweb.dll
CODEBASE = http://www.update.microsoft.com/micr...?1197453622703
[Java Plug-in 1.6.0_05]
InprocServer32 = C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ ssv.dll
CODEBASE = http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab
[(8FFBE65D-2C9C-4669-84BD-5829DC0B603C)]
CODEBASE = http://fpdownload.macromedia.com/get.../ultrashim.cab
[a-squared Scanner]
InprocServer32 = C: \ WINDOWS \ DOWNLO ~ 1 \ asquared.ocx
CODEBASE = http://ax.emsisoft.com/asquared.cab
[Java Plug-in 1.5.0_06]
InprocServer32 = C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ ssv.dll
CODEBASE = http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
[Java Plug-in 1.5.0_11]
InprocServer32 = C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ ssv.dll
CODEBASE = http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
[Java Plug-in 1.6.0_03]
InprocServer32 = C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ ssv.dll
CODEBASE = http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
[Java Plug-in 1.6.0_05]
InprocServer32 = C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ ssv.dll
CODEBASE = http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
[Java Plug-in 1.6.0_05]
InprocServer32 = C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ npjpi160_05.dll
CODEBASE = http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
[Shockwave Flash Object]
InprocServer32 = C: \ WINDOWS \ system32 \ Macromed \ Flash \ Flash9e.ocx
CODEBASE = http://fpdownload2.macromedia.com/ge...sh/swflash.cab
--------------------------------------------------
Opregner Winsock LSP filer:
Namespace # 1: C: \ WINDOWS \ System32 \ mswsock.dll
Namespace # 2: C: \ WINDOWS \ System32 \ winrnr.dll
Namespace # 3: C: \ WINDOWS \ System32 \ mswsock.dll
Namespace # 4: C: \ WINDOWS \ System32 \ nwprovau.dll
Protokol # 1: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 2: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 3: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 4: C: \ WINDOWS \ system32 \ rsvpsp.dll
Protokol # 5: C: \ WINDOWS \ system32 \ rsvpsp.dll
Protokol # 6: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 7: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 8: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 9: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 10: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 11: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 12: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 13: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 14: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 15: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 16: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 17: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 18: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 19: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 20: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 21: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 22: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 23: C: \ WINDOWS \ system32 \ mswsock.dll
Protokol # 24: C: \ WINDOWS \ system32 \ mswsock.dll
--------------------------------------------------
Opregner Windows NT/2000/XP tjenester
Microsoft ACPI-driver: System32 \ Drivers \ ACPI.sys (system)
Microsoft Embedded Controller Driver: system32 \ DRIVERS \ ACPIEC.sys (system)
Atheros Configuration Service: C: \ WINDOWS \ system32 \ acs.exe (autostart)
Microsoft Kernel Acoustic Echo Canceller: system32 \ drivers \ aec.sys (manuel start)
AFD: \ SystemRoot \ System32 \ drivers \ afd.sys (system)
Alerter:% SystemRoot% \ system32 \ Svchost.exe-k LocalService (handicappede)
Application Layer Gateway Service:% SystemRoot% \ System32 \ alg.exe (manual start)
Application Management:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (manual start)
Atheros Wireless Network Adapter Service: system32 \ DRIVERS \ ar5211.sys (manuel start)
ASP.NET stat Service:% SystemRoot% \ Microsoft.NET \ Framework \ v1.1.4322 \ asp net_state.exe (manuel start)
RAS Asynchronous Media Driver: system32 \ DRIVERS \ asyncmac.sys (manuel start)
Standard IDE / ESDI Hard Disk Controller: system32 \ DRIVERS \ Atapi.sys (system)
Ati Genvejstast Poller:% SystemRoot% \ system32 \ Ati2evxx.exe (autostart)
ati2mtag: system32 \ DRIVERS \ ati2mtag.sys (manuel start)
ATM ARP Client Protocol: system32 \ DRIVERS \ atmarpc.sys (manuel start)
Windows Audio:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (autostart)
Audio Stub Driver: system32 \ DRIVERS \ audstub.sys (manuel start)
AVG Anti-Spyware Driver: \? \ C: \ Programmer \ Grisoft \ AVG Anti-Spyware 7.5 \ guard.sys (system)
AVG Anti-Spyware Guard: C: \ Programmer \ Grisoft \ AVG Anti-Spyware 7.5 \ guard.exe (autostart)
AVG7 Alert Manager Server: C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe (autostart)
AVG7 Kernel: \ SystemRoot \ System32 \ Drivers \ avg7core.sys (system)
AVG7 Ombryd Driver: \ SystemRoot \ System32 \ Drivers \ avg7rsw.sys (system)
AVG7 Resident Driver XP: \ SystemRoot \ System32 \ Drivers \ avg7rsxp.sys (system)
AVG7 Update Service: C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe (autostart)
AVG Anti-Spyware Clean Driver: System32 \ DRIVERS \ AvgAsCln.sys (system)
AVG7 Clean Driver: \ SystemRoot \ System32 \ Drivers \ avgclean.sys (system)
Background Intelligent Transfer Service:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (autostart)
Access 32bits INT15 rutinemæssige: system32 \ drivers \ BoiHwSetup.sys (manuel start)
BrSplService: C: \ WINDOWS \ system32 \ brsvc01a.exe (autostart)
Computer Browser:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (autostart)
Logical Disk Manager Skærm:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (autostart)
Conexant AMC 3D Environmental Audio: system32 \ drivers \ camc6aud.sys (manuel start)
CAMCHALA: system32 \ drivers \ camc6hal.sys (manuel start)
CD-ROM Driver: system32 \ DRIVERS \ cdrom.sys (system)
ConfigFree Service: C: \ Programmer \ TOSHIBA \ ConfigFree \ CFSvcs.exe (autostart)
Indekserer Service:% SystemRoot% \ system32 \ cisvc.exe (manual start)
ClipBook:% SystemRoot% \ system32 \ clipsrv.exe (deaktiveret)
Microsoft ACPI Control Method Battery Driver: system32 \ DRIVERS \ CmBatt.sys (manuel start)
Microsoft Composite Battery Driver: system32 \ DRIVERS \ compbatt.sys (system)
COM + System Application: C: \ WINDOWS \ system32 \ dllhost.exe / Processid: (02D4B3F1-FD88-11D1-960D-00805FC79235) (manual start)
Kryptografiske Service:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (autostart)
DCOM Server Process Launcher:% SystemRoot% \ system32 \ Svchost-k DcomLaunch (autostart)
DHCP Client:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (autostart)
Disk Driver: system32 \ DRIVERS \ disk.sys (system)
DLABOIOM: System32 \ DLA \ DLABOIOM.SYS (autostart)
DLACDBHM: System32 \ Drivers \ DLACDBHM.SYS (system)
DLADResN: System32 \ DLA \ DLADResN.SYS (autostart)
DLAIFS_M: System32 \ DLA \ DLAIFS_M.SYS (autostart)
DLAOPIOM: System32 \ DLA \ DLAOPIOM.SYS (autostart)
DLAPoolM: System32 \ DLA \ DLAPoolM.SYS (autostart)
DLARTL_N: System32 \ Drivers \ DLARTL_N.SYS (system)
DLAUDFAM: System32 \ DLA \ DLAUDFAM.SYS (autostart)
DLAUDF_M: System32 \ DLA \ DLAUDF_M.SYS (autostart)
Logical Disk Manager Administrative Service:% SystemRoot% \ System32 \ dmadmin.exe / com (manual start)
dmboot: System32 \ drivers \ dmboot.sys (deaktiveret)
Logical Disk Manager Driver: System32 \ drivers \ dmio.sys (system)
dmload: System32 \ drivers \ dmload.sys (system)
Logical Disk Manager:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (autostart)
Microsoft Kernel DLS Syntheiszer: system32 \ drivers \ DMusic.sys (manuel start)
DNINDIS5 midlertidige NDIS protokol Driver: \? \ C: \ PROGRA ~ 1 \ Belkin \ Belkin ~ 1.11G \ DNINDIS5.SYS (manuel start)
DNS Client:% SystemRoot% \ system32 \ Svchost.exe-k NetworkService (autostart)
Microsoft Kernel DRM Audio Descrambler: system32 \ drivers \ drmkaud.sys (manuel start)
DRVMCDB: System32 \ Drivers \ DRVMCDB.SYS (system)
DRVNDDM: System32 \ Drivers \ DRVNDDM.SYS (autostart)
Error Reporting Service:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (autostart)
Event Log:% SystemRoot% \ system32 \ Services.exe (autostart)
COM + Event System: C: \ WINDOWS \ system32 \ Svchost.exe-k netsvcs (manual start)
Hurtigt brugerskift Compatibility:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (manual start)
FltMgr: system32 \ DRIVERS \ fltMgr.sys (system)
Bind Manager Driver: system32 \ DRIVERS \ ftdisk.sys (system)
Generic Packet classifier: system32 \ DRIVERS \ msgpc.sys (manuel start)
GTNDIS5 midlertidige NDIS protokol Driver: \? \ C: \ WINDOWS \ system32 \ GTNDIS5.SYS (manuel start)
Google Updater Service: "C: \ Programmer \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe" (manual start)
Hjælp og support:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (autostart)
Human Interface Device Access:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (handicappede)
Microsoft HID Class Driver: system32 \ DRIVERS \ Hidusb.sys (manuel start)
hlkvythd: system32 \ drivers \ vzrpdamf.dat (system)
HSFHWATI: system32 \ DRIVERS \ HSFHWATI.sys (manuel start)
HSF_DPV: system32 \ DRIVERS \ HSF_DPV.sys (manuel start)
HTTP: System32 \ Drivers \ HTTP.SYS (manuel start)
HTTP SSL:% SystemRoot% \ System32 \ Svchost.exe-k HTTPFilter (manuel start)
i8042 Keyboard og PS/2-museport Driver: system32 \ DRIVERS \ i8042prt.sys (system)
InstallDriver Tabel Manager: "C: \ Programmer \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe" (manual start)
CD-Burning Filter Driver: system32 \ DRIVERS \ imapi.sys (system)
IMAPI CD-Burning COM Service: C: \ WINDOWS \ system32 \ imapi.exe (manuel start)
Intel Processor Driver: system32 \ DRIVERS \ intelppm.sys (system)
IPv6 Windows Firewall Driver: system32 \ DRIVERS \ Ip6Fw.sys (manuel start)
IP Traffic Filter Driver: system32 \ DRIVERS \ ipfltdrv.sys (manuel start)
IP i IP Tunnel Driver: system32 \ DRIVERS \ ipinip.sys (manuel start)
IP Network Address Translator: system32 \ DRIVERS \ ipnat.sys (manuel start)
IPSEC driver: system32 \ DRIVERS \ ipsec.sys (system)
IR Enumerator Service: system32 \ DRIVERS \ irenum.sys (manuel start)
PnP ISA / EISA Bus Driver: system32 \ DRIVERS \ isapnp.sys (system)
IVI ASPI Shell: system32 \ drivers \ iviaspi.sys (manuel start)
Keyboard Class Driver: system32 \ DRIVERS \ kbdclass.sys (system)
Microsoft Kernel Wave Audio Mixer: system32 \ drivers \ Kmixer.sys (manuel start)
Server:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (autostart)
Arbejdsstation:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (autostart)
TCP / IP NetBIOS Helper:% SystemRoot% \ system32 \ Svchost.exe-k LocalService (autostart)
mdmxsdk: system32 \ DRIVERS \ mdmxsdk.sys (autostart)
Messenger:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (handicappede)
NetMeeting Remote Desktop Sharing: C: \ WINDOWS \ system32 \ Mnmsrvc.exe (manuel start)
Mouse Class Driver: system32 \ DRIVERS \ mouclass.sys (system)
Mouse HID Driver: system32 \ DRIVERS \ mouhid.sys (manuel start)
WebDAV Client Redirector: system32 \ DRIVERS \ mrxdav.sys (manuel start)
MrxSmb: system32 \ DRIVERS \ Mrxsmb.sys (system)
Distributed Transaction Coordinator: C: \ WINDOWS \ system32 \ msdtc.exe (manual start)
Windows Installer: C: \ WINDOWS \ system32 \ msiexec.exe / V (manual start)
Microsoft Streaming Service Proxy: system32 \ drivers \ MSKSSRV.sys (manuel start)
Microsoft Streaming Clock Proxy: system32 \ drivers \ MSPCLOCK.sys (manuel start)
Microsoft Streaming Quality Manager Proxy: system32 \ drivers \ MSPQM.sys (manuel start)
Microsoft System Management BIOS Driver: system32 \ DRIVERS \ mssmbios.sys (manuel start)
Remote Access midlertidige NDIS TAPI Driver: system32 \ DRIVERS \ ndistapi.sys (manuel start)
Midlertidige NDIS Usermode I / O Protocol: system32 \ DRIVERS \ ndisuio.sys (manuel start)
Remote Access midlertidige NDIS WAN Driver: system32 \ DRIVERS \ ndiswan.sys (manuel start)
NetBIOS Interface: system32 \ DRIVERS \ netbios.sys (system)
NetBIOS over Tcpip: system32 \ DRIVERS \ Netbt.sys (system)
Network DDE:% SystemRoot% \ system32 \ netdde.exe (deaktiveret)
Network DDE DSDM:% SystemRoot% \ system32 \ netdde.exe (deaktiveret)
TOSHIBA netværksenheden Usermode I / O Protocol: system32 \ DRIVERS \ netdevio.sys (autostart)
Net Logon:% SystemRoot% \ system32 \ Lsass.exe (autostart)
Netværksforbindelser:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (manual start)
Network Location Awareness (NLA):% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (manual start)
NT LM Security Support Provider:% SystemRoot% \ system32 \ Lsass.exe (manuel start)
Removable Storage:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (manual start)
Kundeservicerepræsentant for NetWare:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (autostart)
IPX Traffic Filter Driver: system32 \ DRIVERS \ nwlnkflt.sys (manuel start)
IPX Traffic Forwarder Driver: system32 \ DRIVERS \ nwlnkfwd.sys (manuel start)
NWLink IPX / SPX / NetBIOS Compatible Transport Protocol: system32 \ DRIVERS \ nwlnkipx.sys (autostart)
NWLink NetBIOS: system32 \ DRIVERS \ nwlnknb.sys (autostart)
NWLink SPX / SPXII Protocol: system32 \ DRIVERS \ nwlnkspx.sys (autostart)
NetWare RDR: system32 \ DRIVERS \ nwrdr.sys (manuel start)
Office Source Engine: "C: \ Programmer \ Common Files \ Microsoft Shared \ Source Engine \ Ose.exe" (manual start)
PCI Bus Driver: system32 \ DRIVERS \ pci.sys (system)
PCIIde: system32 \ DRIVERS \ pciide.sys (system)
Pcmcia: system32 \ DRIVERS \ pcmcia.sys (system)
Padus ASPI Shell: system32 \ drivers \ pfc.sys (manuel start)
Plug and Play:% SystemRoot% \ system32 \ Services.exe (autostart)
IPSEC Services:% SystemRoot% \ system32 \ Lsass.exe (autostart)
WAN Miniport (PPTP): system32 \ DRIVERS \ Raspptp.sys (manuel start)
Protected Storage:% SystemRoot% \ system32 \ Lsass.exe (autostart)
QoS Packet Scheduler: system32 \ DRIVERS \ psched.sys (manuel start)
Direct Parallel Link Driver: system32 \ DRIVERS \ ptilink.sys (manuel start)
PxHelp20: System32 \ Drivers \ PxHelp20.sys (system)
Quanta Genvejstast Keyboard Filter Driver: system32 \ drivers \ qkbfiltr.sys (manuel start)
Quanta Genvejstast Mouse Filter Driver: system32 \ drivers \ qmofiltr.sys (manuel start)
Remote Access Auto Connection Driver: system32 \ DRIVERS \ rasacd.sys (system)
Remote Access Auto Connection Manager:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (manual start)
WAN Miniport (L2TP): system32 \ DRIVERS \ rasl2tp.sys (manuel start)
Remote Access Connection Manager:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (manual start)
Remote Access PPPoE Driver: system32 \ DRIVERS \ raspppoe.sys (manuel start)
Direct Parallel: system32 \ DRIVERS \ raspti.sys (manuel start)
Rdbss: system32 \ DRIVERS \ rdbss.sys (system)
RDPCDD: System32 \ DRIVERS \ RDPCDD.sys (system)
Terminal Server Device Redirector Driver: system32 \ DRIVERS \ rdpdr.sys (manuel start)
Remote Desktop Help Session Manager: C: \ WINDOWS \ system32 \ sessmgr.exe (manuel start)
Digital CD Audio Playback Filter Driver: system32 \ DRIVERS \ redbook.sys (system)
Routing og Remote Access:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (handicappede)
Remote Registry:% SystemRoot% \ system32 \ Svchost.exe-k LocalService (autostart)
Remote Procedure Call (RPC) Locator:% SystemRoot% \ System32 \ Locator.exe (manuel start)
Remote Procedure Call (RPC):% SystemRoot% \ system32 \ Svchost-k RPCSS (autostart)
QoS RSVP:% SystemRoot% \ system32 \ rsvp.exe (manuel start)
Belkin RT2500 Wireless Driver: system32 \ DRIVERS \ RT61.sys (manuel start)
Realtek 10/100/1000 NIC Family alle i en midlertidige NDIS XP Driver: system32 \ DRIVERS \ Rtlnicxp.sys (manuel start)
Realtek RTL8139 (A / B / C)-baseret PCI Fast Ethernet Adapter NT Driver: system32 \ DRIVERS \ RTL8139.SYS (manuel start)
Security Accounts Manager:% SystemRoot% \ system32 \ Lsass.exe (autostart)
Smart Card:% SystemRoot% \ System32 \ SCardSvr.exe (manuel start)
Opgavestyring:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (autostart)
Secdrv: system32 \ DRIVERS \ secdrv.sys (manual start)
Secondary Logon:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (autostart)
System Event Notification:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (autostart)
Sitecom Serial port driver: system32 \ DRIVERS \ ser2pl.sys (manuel start)
Serenum Filter Driver: system32 \ DRIVERS \ serenum.sys (manuel start)
Højkapacitetsjernbanekorridor diskettedrevet: system32 \ DRIVERS \ sfloppy.sys (manuel start)
Windows Firewall / Deling af internetforbindelse (ICS):% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (autostart)
Shell Hardware Detection:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (autostart)
Microsoft Kernel Audio Splitter: system32 \ drivers \ Splitter.sys (manuel start)
Print Spooler:% SystemRoot% \ system32 \ Spoolsv.exe (autostart)
System Restore Filter Driver: system32 \ DRIVERS \ sr.sys (system)
System Restore Service:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (autostart)
Srv: system32 \ DRIVERS \ srv.sys (manual start)
SSDP Discovery Service:% SystemRoot% \ system32 \ Svchost.exe-k LocalService (manual start)
Stadig Serial Digital Camera Driver: system32 \ DRIVERS \ serscan.sys (manuel start)
Windows Image Acquisition (WIA):% SystemRoot% \ system32 \ Svchost.exe-k imgsvc (autostart)
Software Bus Driver: system32 \ DRIVERS \ swenum.sys (manuel start)
Microsoft Kernel GS Wavetable Synthesizer: system32 \ drivers \ swmidi.sys (manuel start)
MS Software Shadow Copy Provider: C: \ WINDOWS \ system32 \ dllhost.exe / Processid: (6C222AAE-7AD3-43BE-AC4B-02239FF8DEC6) (manual start)
Synaptics touch pad Driver: system32 \ DRIVERS \ SynTP.sys (manuel start)
Microsoft Kernel System Audio Device: system32 \ drivers \ sysaudio.sys (manuel start)
Performance Logs and Alerts:% SystemRoot% \ system32 \ smlogsvc.exe (manuel start)
Telephony:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (manual start)
TCP / IP protokol Driver: system32 \ DRIVERS \ Tcpip.sys (system)
Terminal Device Driver: system32 \ DRIVERS \ termdd.sys (system)
Terminal Services:% SystemRoot% \ System32 \ Svchost-k DComLaunch (manuel start)
Temaer:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (autostart)
Telnet: C: \ WINDOWS \ system32 \ tlntsvr.exe (deaktiveret)
tmcomm: \? \ C: \ Windows \ System32 \ Drivers \ tmcomm.sys (autostart)
Distributed Link Tracking Client:% SystemRoot% \ system32 \ Svchost.exe-k netsvcs (autostart)
Microcode Update Driver: system32 \ DRIVERS \ update.sys (manuel start)
Universal Plug and Play Device Host:% SystemRoot% \ system32 \ Svchost.exe-k LocalService (manual start)
Afbrydelsesfri Power Supply:% SystemRoot% \ System32 \ ups.exe (manuel start)
Microsoft USB Generic Parent Driver: system32 \ DRIVERS \ usbccgp.sys (manuel start)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32 \ DRIVERS \ usbehci.sys (manuel start)
USB2 Enabled Hub: system32 \ DRIVERS \ usbhub.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: system32 \ DRIVERS \ usbohci.sys (manuel start)
Microsoft USB PRINTER Class: system32 \ DRIVERS \ usbprint.sys (manual start)
USB Scanner Driver: system32 \ DRIVERS \ usbscan.sys (manuel start)
USB Mass Storage Driver: system32 \ DRIVERS \ USBSTOR.SYS (manuel start)
Linksys Wireless-G USB Network Adapter med SpeedBooster Driver v2: system32 \ DRIVERS \ usb8023.sys (manuel start)
VgaSave: \ SystemRoot \ System32 \ drivers \ vga.sys (system)
Bind Shadow Copy:% SystemRoot% \ System32 \ vssvc.exe (manual start)
Windows Time:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (autostart)
Remote Access IP ARP Driver: system32 \ DRIVERS \ wanarp.sys (manuel start)
Windows CE USB Serial Host Driver: system32 \ DRIVERS \ wceusbsh.sys (manuel start)
Microsoft WINMM WDM Audio Compatibility Driver: system32 \ drivers \ wdmaud.sys (manuel start)
WebClient:% SystemRoot% \ system32 \ Svchost.exe-k LocalService (autostart)
winachsf: system32 \ DRIVERS \ HSF_CNXT.sys (manuel start)
Windows Management Instrumentation:% systemroot% \ system32 \ Svchost.exe-k netsvcs (autostart)
Portable Media Serienummer Service:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (manual start)
Windows Management Instrumentation Driver Extensions:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (manual start)
WMI Performance Adapter: C: \ WINDOWS \ system32 \ Wbem \ wmiapsrv.exe (manual start)
Windows Media Player Network Sharing Service: "C: \ Programmer \ Windows Media Player \ WMPNetwk.exe" (manual start)
Windows Socket 2.0 Ikke-IFS Service Provider Support Miljø: \ SystemRoot \ System32 \ drivers \ ws2ifsl.sys (deaktiveret)
Security Center:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (autostart)
Automatiske opdateringer:% systemroot% \ system32 \ Svchost.exe-k netsvcs (autostart)
Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32 \ DRIVERS \ WudfPf.sys (manuel start)
Windows Driver Foundation - User-mode Driver Framework Reflector: system32 \ DRIVERS \ wudfrd.sys (manuel start)
Windows Driver Foundation - User-mode Driver Framework:% SystemRoot% \ system32 \ Svchost.exe-k WudfServiceGroup (manuel start)
Wireless Zero Configuration:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (autostart)
Network Leveringsprocedurer Service:% SystemRoot% \ System32 \ Svchost.exe-k netsvcs (manual start)

--------------------------------------------------
Opregner Windows NT logon / logoff scripts:
* No scripts indstillet til at køre *
Windows NT checkdisk kommando:
BootExecute = AutoCheck autochk *
Windows NT 'Wininit.ini «:
PendingFileRenameOperations: * værdi i registreringsdatabasen ikke fundet *
--------------------------------------------------
Opregner ShellServiceObjectDelayLoad punkter:
PostBootReminder: C: \ WINDOWS \ system32 \ SHELL32.DLL
CDBurn: C: \ WINDOWS \ system32 \ SHELL32.DLL
WebCheck: C: \ WINDOWS \ system32 \ Webcheck.dll
Systray: C: \ WINDOWS \ system32 \ stobject.dll
UPnPMonitor: C: \ WINDOWS \ system32 \ upnpui.dll
WPDShServiceObj: C: \ WINDOWS \ system32 \ WPDShServiceObj.dll
--------------------------------------------------
Autorun poster fra registreringsdatabasen:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ policies \ Explorer \ Run
* Ingen værdier fundet *
--------------------------------------------------
Autorun poster fra registreringsdatabasen:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ policies \ Explorer \ Run
* Ingen værdier fundet *
--------------------------------------------------
Udgangen af rapporten, 38242 bytes
Rapport genereret på 0.266 sekunder
Kommandolinjeflag valgmuligheder:
/ verbose - for at tilføje yderligere info på hvert afsnit
/ færdigopbygget - til også at omfatte tomme sektioner og unsuspicious data
/ Fuld - for at optage flere sjældent vigtige sektioner
/ force9x - til at omfatte Win9x-only nystartede selvom kører på WinNT
/ forcent - til at omfatte WinNT-only nystartede selvom kører på Win9x
/ forceall - til at omfatte alle Win9x og WinNT nystartede virksomheder, uanset platform
/ historie - til listen version historie kun
  #4  
25 March 2008, 14:47
Editor Group

Trojan horse

That's a startup list from HJT, which is useful, but I need the main scan.

Open HJT and select the Do a system scan and save a logfile button.

Post that log please.

  #5  
27 March 2008, 12:47
New Member Group

Trojan horse

Hi,

Sorry if I seem slow to reply, but I am having difficulty saving the scan!

I have been into HJT and run 'Do a system scan and save a logfile', but when it tries to open the log file it fails.

The only way I can see of giving this information is if I save a copy of the screen, but to post that it will be a large file. Do you think that is a good idea, or is there something else I can try?

Regards
Ian A
  #6  
27 March 2008, 12:58
Editor Group

Trojan horse

Try this instead and post the logs from it.

Download Deckard's System Scanner (DSS) to your Desktop.
Note: You must be logged in to an account with administrator privileges.
  • Close all programs and windows.
  • Double-click dss.exe to run it, and follow the prompts.
  • When the scan is complete, two text files will open:
    • main.txt <-- this one will be maximized
    • extra.txt <-- this one will be minimized
  • Add the contents of main.txt to your post.
  • Also add extra.txt to your post.
  • The text from these files may exceed the maximum post length for this forum and may need to be posted over 2 or more posts. Please ensure that all of the text is posted.

What DSS will do:
  • Create a new System Restore point in Windows XP and Vista.
  • Clean your temporary files, Downloaded Program Files, and Internet cache files, and also empty the Recycle Bin on all drives.
  • Check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

  #7  
28 March 2008, 14:41
New Member Group

Trojan horse

Hi

I must think!

I have tried going to the hot link for Deckard's scanner, but I cannot find dss.exe.

Deckard's asked me to register for another website forum similar to the one I am already on.

Explain

Ian
  #8  
28 March 2008, 14:46
Editor Group

Trojan horse

Use this link. http://www.techsupportforum.com/sect...eckard/dss.exe

  #9  
7 April 2008, 00:56
New Member Group

Trojan horse

Hi,
Sorry if it has been a while since I got back to you, but I have been away.

I have now managed to do the scan and here is the result:
System Restore ------------------------------------------------ --------------
Har oprettet en Deckard's System Scanner Restore Point.

- Last 5 Restore Point (s) --
49: 2008-04-07 07:50:49 UTC - RP160 - Deckard's System Scanner gendannelsespunkt
48: 2008-04-07 06:07:59 UTC - RP159 - System Checkpoint
47: 2008-04-01 17:50:42 UTC - RP158 - System Checkpoint
46: 2008-03-28 20:48:03 UTC - RP157 - Installed SUPERAntiSpyware Free Edition
45: 2008-03-28 19:02:25 UTC - RP156 - System Checkpoint

- Første gendannelsespunkt --
1: 2008-01-04 07:54:54 UTC - RP112 - System Checkpoint

Bakkes op registreringsdatabasen bistader.
Udføres Diskoprydning.
Procentdel af hukommelse i brug: 76% (mere end 75%).
Total Physical Memory: 447 MIB (512 MIB anbefales).

- HijackThis (run as iana.exe) ---------------------------------------- --------
Logfile af Trend Micro HijackThis v2.0.2
Scan gemt kl 08:52:30 den 07/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Kørende processer:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ brsvc01a.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ WINDOWS \ system32 \ brss01a.exe
C: \ Programmer \ Grisoft \ AVG Anti-Spyware 7.5 \ guard.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ Programmer \ TOSHIBA \ ConfigFree \ CFSvcs.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Programmer \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Programmer \ Toshiba \ Windows Utilities \ Hotkey.exe
C: \ WINDOWS \ system32 \ TPSMain.exe
C: \ Programmer \ Synaptics \ SynTP \ Toshiba.exe
C: \ Programmer \ TOSHIBA \ ConfigFree \ NDSTray.exe
C: \ Programmer \ TOSHIBA \ TOSHIBA Zooming Utility \ SmoothView.exe
C: \ Programmer \ TOSHIBA \ Touch og Launch \ PadExe.exe
C: \ WINDOWS \ System32 \ DLA \ DLACTRLW.EXE
C: \ Programmer \ TOSHIBA \ ConfigFree \ CFSServ.exe
C: \ Programmer \ Atheros \ ACU.exe
C: \ Programmer \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Programmer \ QuickTime \ qttask.exe
C: \ Programmer \ Grisoft \ AVG Anti-Spyware 7.5 \ avgas.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ Programmer \ ScanSoft \ OmniPageSE2.0 \ OpwareSE2.exe
C: \ Programmer \ TOSHIBA \ TOSCDSPD \ toscdspd.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programmer \ Messenger \ msmsgs.exe
C: \ Programmer \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ WINDOWS \ system32 \ TPSBattM.exe
C: \ Programmer \ FinePixViewer \ QuickDCF.exe
C: \ Programmer \ TOSHIBA \ ConfigFree \ CFXFER.exe
C: \ Programmer \ Internet Explorer \ iexplore.exe
C: \ Programmer \ Adobe \ Acrobat 6.0 \ Reader \ AcroRd32.exe
C: \ WINDOWS \ system32 \ WISPTIS.EXE
C: \ Documents and Settings \ IANA \ Local Settings \ Temporary Internet Files \ Content.IE5 \ EL9EICW6 \ DSS [1]. Exe
C: \ PROGRA ~ 1 \ TRENDM ~ 1 \ kapre ~ 1 \ iana.exe
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Internet Settings, ProxyServer = flotechsvr: 8080
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programmer \ Adobe \ Acrobat 6.0 \ Reader \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (51610169-C280-4F36-84AB-82D92ED1F68B) - C: \ Windows \ system32 \ athcfg11c.dll (filen mangler)
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ program files \ google \ googletoolbar1.dll
O2 - BHO: (no name) - (EA389261-1100-451F-8582-815CAB488AE6) - C: \ WINDOWS \ system32 \ crypt32n.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar1.dll
O4 - HKLM \ .. \ Run: [SynTPEnh] C: \ Programmer \ Synaptics \ SynTP \ SynTPEnh.exe
O4 - HKLM \ .. \ Run: [Toshiba Genvejstast Utility] "C: \ Programmer \ Toshiba \ Windows Utilities \ Hotkey.exe" / lang da
O4 - HKLM \ .. \ Run: [TPSMain] TPSMain.exe
O4 - HKLM \ .. \ Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM \ .. \ Run: [SmoothView] C: \ Programmer \ TOSHIBA \ TOSHIBA Zooming Utility \ SmoothView.exe
O4 - HKLM \ .. \ Run: [PadTouch] C: \ Programmer \ TOSHIBA \ Touch og Launch \ PadExe.exe
O4 - HKLM \ .. \ Run: [DLA] C: \ WINDOWS \ System32 \ DLA \ DLACTRLW.EXE
O4 - HKLM \ .. \ Run: [CFSServ.exe] CFSServ.exe-NoClient
O4 - HKLM \ .. \ Run: [REGSHAVE] C: \ Programmer \ REGSHAVE \ REGSHAVE.EXE / AutoRun
O4 - HKLM \ .. \ Run: [ACU] "C: \ Programmer \ Atheros \ ACU.exe"-nogui
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Programmer \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programmer \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Programmer \ Grisoft \ AVG Anti-Spyware 7.5 \ avgas.exe" / minimeret
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / START
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [OpwareSE2] "C: \ Programmer \ ScanSoft \ OmniPageSE2.0 \ OpwareSE2.exe"
O4 - HKLM \ .. \ Run: [OPSE reminder] "C: \ Programmer \ ScanSoft \ OmniPageSE2.0 \ EregEng \ Ereg.exe"-r "C: \ Programmer \ ScanSoft \ OmniPageSE2.0 \ EregEng \ ereg . ini "
O4 - HKCU \ .. \ Run: [TOSCDSPD] C: \ Programmer \ TOSHIBA \ TOSCDSPD \ toscdspd.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [PnPUI Registrator] C: \ Programmer \ Common Files \ Sitecom Shared \ PnP Universal Installer \ PnPUIReg.exe-s
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Programmer \ Messenger \ msmsgs.exe" / baggrund
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Programmer \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'Default user')
O4 - Global Startup: Exif Launcher.lnk = C: \ Programmer \ FinePixViewer \ QuickDCF.exe
O4 - Global Startup: Microsoft Office.lnk = C: \ Programmer \ Microsoft Office \ Office \ OSA9.EXE
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Ekstra knap: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MI05E6 ~ 1 \ Office11 \ REFIEBAR.DLL
O9 - Ekstra knap: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O10 - Ukendt fil i Winsock LSP: c: \ Windows \ system32 \ nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL = http://companyweb
O16 - DPF: (11260943-421B-11D0-8EAC-0000C07D88CF) (iPIX ActiveX Control) -- http://www.ipix.com/download/ipixx.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1197453622703
O16 - DPF: (8AD9C840-044E-11D1-B3E9-00805F499D93) (Java Runtime Environment 1.6.0) -- http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab
O16 - DPF: (BB21F850-63F4-4EC9-BF9D-565BD30C9AE9) (a-squared Scanner) -- http://ax.emsisoft.com/asquared.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ Parameters: Domain = flotech.local
O17 - HKLM \ Software \ .. \ Telephony: DomainName = flotech.local
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (3C838800-1126-48EC-8092-81CB4BD5BA88): NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ Parameters: Domain = flotech.local
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ .. \ (3C838800-1126-48EC-8092-81CB4BD5BA88): NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM \ System \ CS3 \ Services \ Tcpip \ Parameters: Domain = flotech.local
O17 - HKLM \ System \ CS3 \ Services \ Tcpip \ Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM \ System \ CS3 \ Services \ Tcpip \ .. \ (3C838800-1126-48EC-8092-81CB4BD5BA88): NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ Parameters: NameServer = 208.67.220.220,208.67.222.222
O20 - Winlogon Notify:! SASWinLogon - C: \ Programmer \ SUPERAntiSpyware \ SASWINLO.dll
O20 - Winlogon Notify: detcdzqc - athcfg11c.dll (filen mangler)
O23 - Service: Atheros Configuration Service (ACS) - Unknown ejer - C: \ WINDOWS \ system32 \ acs.exe
O23 - Service: Ati Genvejstast Poller - ATI Technologies Inc. - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Grisoft sro - C: \ Programmer \ Grisoft \ AVG Anti-Spyware 7.5 \ guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: BrSplService (Brother XP SPL Service) - brother Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C: \ Programmer \ TOSHIBA \ ConfigFree \ CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Programmer \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Tabel Manager (IDriverT) - Macrovision Corporation - C: \ Programmer \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
--
End of file - 9862 bytes
- HijackThis Fixed Entries (C: \ PROGRA ~ 1 \ TRENDM ~ 1 \ kapre ~ 1 \ backups \) -----------
backup-20071217-070814-188 O4 - HKLM \ .. \ Run: [\ \ wks-216 \ Epson Stylus C46 Series] C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_S4I0T 1.EXE / P33 "\ \ Wks-216 \ Epson Stylus C46 Series "/ O6" USB002 "/ M" Stylus C46 "
backup-20071217-071110-763 O16 - DPF: (935F9B04-0C7B-4454-A391-348C54AD7ADD) (Jolly Bear Games Player) -- http://games.bigfishgames.com/en_big...GamePlayer.cab
backup-20071219-071455-100 O20 - Winlogon Notify: detcdzqc - C: \ WINDOWS \ SYSTEM32 \ athcfg11c.dll
backup-20071219-071455-320 O4 - Global Startup: Epson Statusmonitor 3 Miljø Check (3). lnk = C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ E_SRCV0 3.EXE
backup-20071219-071455-780 O2 - BHO: (no name) - (EA389261-1100-451F-8582-815CAB488AE6) - C: \ WINDOWS \ system32 \ crypt32n.dll
backup-20080327-194111-931 O2 - BHO: (no name) - (51610169-C280-4F36-84AB-82D92ED1F68B) - C: \ Windows \ system32 \ athcfg11c.dll (filen mangler)
backup-20080327-194139-797 O2 - BHO: (no name) - (EA389261-1100-451F-8582-815CAB488AE6) - C: \ WINDOWS \ system32 \ crypt32n.dll
backup-20080327-194247-663 O2 - BHO: (no name) - (EA389261-1100-451F-8582-815CAB488AE6) - C: \ WINDOWS \ system32 \ crypt32n.dll
- File Associations ---------------------------------------------- -------------
. txt - NetLog.Document - DefaultIcon - C: \ EPICOM ~ 1.02 \ EPICom2.02 \ EPICOM ~ 1.EXE, 8
. txt - NetLog.Document - shell \ open \ command - C: \ EPICOM ~ 1.02 \ EPICom2.02 \ EPICOM ~ 1.EXE / DDE

- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 hlkvythd - C: \ Windows \ system32 \ drivers \ vzrpdamf.dat
R1 SASDIFSV - c: \ program files \ superantispyware \ sasdifsv.sys
R1 SASKUTIL - c: \ program files \ superantispyware \ saskutil.sys
R2 MASPINT - C: \ Windows \ system32 \ drivers \ maspint.sys <Ikke Verified; MicroStaff Co.,Ltd.; Aspi32 Driver for WinNT>
R2 mdmxsdk - C: \ Windows \ system32 \ drivers \ mdmxsdk.sys <Ikke Verified; Conexant; Diagnostiske Interface>
R2 Netdevio (TOSHIBA netværksenheden Usermode I / O Protocol) - c: \ Windows \ system32 \ drivers \ netdevio.sys <Ikke Verified; TOSHIBA Corporation.; TOSHIBA netværksenheden Usermode I/O protocol>
R3 AR5211 (Atheros Wireless Network Adapter Service) - C: \ Windows \ system32 \ drivers \ ar5211.sys <Ikke Verified; Atheros Communications, Inc.; Atheros AR5001 Wireless Network Adapter>
R3 BoiHwsetup (Access 32bits INT15 rutinemæssig) - C: \ Windows \ system32 \ drivers \ boihwsetup.sys <Ikke Verified; Quanta Computer Corp; Toshiba HwSetup Driver>
R3 CAMCAUD (Conexant AMC 3D Environmental Audio) - C: \ Windows \ system32 \ drivers \ camc6aud.sys <Ikke Verified; Conexant Systems Inc.; Conexant Audio Driver>
R3 CAMCHALA - C: \ Windows \ system32 \ drivers \ camc6hal.sys <Ikke Verified; Conexant Systems Inc.; Conexant AmcHal Driver>
R3 HSF_DPV - C: \ Windows \ system32 \ drivers \ hsf_dpv.sys <Ikke Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
R3 HSFHWATI - C: \ Windows \ system32 \ drivers \ hsfhwati.sys <Ikke Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
R3 Iviaspi (IVI ASPI Shell) - C: \ Windows \ system32 \ drivers \ iviaspi.sys <Ikke Verified; InterVideo, Inc.; InterVideo ASPI Shell>
R3 pfc (padus ASPI Shell) - C: \ Windows \ system32 \ drivers \ pfc.sys <Ikke Verified; Padus, Inc.; Padus(R) ASPI Shell>
R3 qkbfiltr (Quanta Genvejstast Keyboard Filter Driver) - c: \ Windows \ system32 \ drivers \ qkbfiltr.sys <Ikke Verified; Quanta Computer, Inc.; Quanta Genvejstast Keyboard Filter Driver>
R3 qmofiltr (Quanta Genvejstast Mouse Filter Driver) - c: \ Windows \ system32 \ drivers \ qmofiltr.sys <Ikke Verified; Quanta Computer, Inc.; Quanta Mouse Filter Enhed Driver>
R3 SASENUM - c: \ program files \ superantispyware \ sasenum.sys <Ikke Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
R3 winachsf - C: \ Windows \ system32 \ drivers \ hsf_cnxt.sys <Ikke Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
S3 DNINDIS5 (DNINDIS5 midlertidige NDIS-protokollen Driver) - c: \ progra ~ 1 \ Belkin \ Belkin ~ 1.11g \ dnindis5.sys (filen mangler)
S3 GTNDIS5 (GTNDIS5 midlertidige NDIS-protokollen Driver) - c: \ Windows \ system32 \ gtndis5.sys (filen mangler)
S3 RT61 (Belkin RT2500 Wireless Driver) - c: \ Windows \ system32 \ drivers \ rt61.sys (filen mangler)
S3 Ser2pl (Sitecom Serial port driver) - c: \ Windows \ system32 \ drivers \ ser2pl.sys <Ikke Verified; Prolific Technology Inc.; Prolific USB-to-Serial Bridge Cable>
S3 wceusbsh (Windows CE USB Serial Host Driver) - c: \ Windows \ system32 \ drivers \ wceusbsh.sys <Ikke Verified; Microsoft Corporation; Windows CE USB Serial Host Driver>

- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 CFSvcs (ConfigFree Service) - c: \ Programmer \ Toshiba \ configfree \ cfsvcs.exe <Ikke Verified; TOSHIBA CORPORATION; ConfigFree(TM)>
S2 ACS (Atheros Configuration Service) - C: \ Windows \ system32 \ acs.exe

- Device Manager: Disabled -------------------------------------------- --------
Nr. handicappede udstyr fundet.

- Planlagte opgaver ---------------------------------------------- ---------------
2008-04-07 06:48:40 436 - a ------ C: \ WINDOWS \ Tasks \ RegCure Program Check.job
2008-04-04 12:33:04 438 - a ------ C: \ WINDOWS \ Tasks \ At1.job
2008-03-15 17:25:00 284 - a ------ C: \ WINDOWS \ Tasks \ AppleSoftwareUpdate.job
2008-01-31 16:37:13 370 - a ------ C: \ WINDOWS \ Tasks \ RegCure.job

- Filer, der er oprettet mellem 2008-03-07 og 2008-04-07 -----------------------------
2008-03-28 21:48:16 0 d -------- C: \ Documents and Settings \ All Users \ Application Data \ SUPERAntiSpyware.com
2008-03-28 21:48:05 0 d -------- C: \ Programmer \ SUPERAntiSpyware
2008-03-28 21:48:05 0 d -------- C: \ Documents and Settings \ IANA \ Application Data \ SUPERAntiSpyware.com
2008-03-28 21:47:28 0 d -------- C: \ Programmer \ Common Files \ Wise Installation Wizard

- Find3M Report ---------------------------------------------- -----------------
2008-04-07 06:51:23 0 d -------- C: \ Documents and Settings \ IANA \ Application Data \ AVG7
2008-04-04 16:30:58 0 d -------- C: \ Programmer \ Hansa52Client
2008-04-04 15:41:49 0 d -------- C: \ Documents and Settings \ IANA \ Application Data \ AdobeUM
2008-03-28 21:47:28 0 d -------- C: \ Programmer \ Fælles filer
2008-03-25 10:03:27 0 d -------- C: \ Programmer \ Common Files \ Adobe
2008-03-25 09:31:28 0 d -------- C: \ Programmer \ Common Files \ Symantec Shared
2008-03-05 15:04:08 0 d -------- C: \ Programmer \ Canon
2008-03-05 11:57:28 0 d -------- C: \ Programmer \ Java
2008-02-25 09:26:29 0 d -------- C: \ Documents and Settings \ IANA \ Application Data \ ScanSoft
2008-02-25 09:26:26 0 d -------- C: \ Programmer \ Fælles filer \ ScanSoft Shared
2008-02-25 09:25:40 0 d -------- C: \ Programmer \ ScanSoft
2008-02-25 08:32:09 0 d -------- C: \ Programmer \ Google
2008-02-21 18:33:48 0 d -------- C: \ Programmer \ MumbleJumble
2008-02-21 18:10:04 0 d -------- C: \ Programmer \ Mahjong Deluxe
2008-02-21 12:06:28 0 d -------- C: \ Programmer \ RogueRemover FRI
2008-02-21 12:04:40 0 d -------- C: \ Programmer \ vægge Jericho
2008-02-21 12:04:31 0 d -------- C: \ Programmer \ HP Creative Idea CD
2008-02-21 12:04:11 0 d -------- C: \ Programmer \ XviD
2008-02-21 12:03:54 0 d -------- C: \ Programmer \ RegCure
2008-02-21 12:02:55 0 d -------- C: \ Programmer \ Fjernelse Man
2008-02-21 12:02:55 0 d -------- C: \ Programmer \ Polarkubes
2008-02-21 12:01:40 0 d -------- C: \ Programmer \ PopCap Games
2008-02-18 19:38:17 16 - a ------ C: \ WINDOWS \ popcinfot.dat
2008-02-18 19:19:59 0 - a ------ C: \ WINDOWS \ popcreg.dat
2008-02-11 17:53:24 0 d -------- C: \ Programmer \ IDIGICON Limited
2008-01-21 18:36:58 1024 - a ------ C: \ WINDOWS \ jericho_game_ra.dat

- Registry Dump ---------------------------------------------- -----------------
* Note * empty entries & legit default entries er ikke vist

[HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (51610169-C280-4F36-84AB-82D92ED1F68B)]
[HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (EA389261-1100-451F-8582-815CAB488AE6)]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"SynTPEnh" = "C: \ Programmer \ Synaptics \ SynTP \ SynTPEnh.exe" [17/12/2005 00:32]
"Toshiba Genvejstast Utility" = "C: \ Programmer \ Toshiba \ Windows Utilities \ Hotkey.exe" [28/01/2006 05:13]
"TPSMain" = "TPSMain.exe" [08/02/2006 16:02 C: \ WINDOWS \ system32 \ TPSMain.exe]
"NDSTray.exe" = "NDSTray.exe" []
"SmoothView" = "C: \ Programmer \ TOSHIBA \ TOSHIBA Zooming Utility \ SmoothView.exe" [12/05/2005 11:31]
"PadTouch" = "C: \ Programmer \ TOSHIBA \ Touch og Launch \ PadExe.exe" [21/12/2005 14:52]
"DLA" = "C: \ WINDOWS \ System32 \ DLA \ DLACTRLW.EXE" [06/10/2005 06:20]
"CFSServ.exe" = "CFSServ.exe" []
"REGSHAVE" = "C: \ Programmer \ REGSHAVE \ REGSHAVE.exe" [04/02/2002 23:32]
"ACU" = "C: \ Programmer \ Atheros \ ACU.exe" [11/07/2005 16:04]
"TkBellExe" = "C: \ Programmer \ Common Files \ Real \ Update_OB \ realsched.exe" [04/03/2007 17:39]
"QuickTime Task" = "C: \ Programmer \ QuickTime \ qttask.exe" [01/09/2006 16:57]
"! AVG Anti-Spyware" = "C: \ Programmer \ Grisoft \ AVG Anti-Spyware 7.5 \ avgas.exe" [11/06/2007 10:25]
"AVG7_CC" = "C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe" [02/01/2008 12:20]
"SunJavaUpdateSched" = "C: \ Programmer \ Java \ jre1.6.0_05 \ bin \ jusched.exe" [22/02/2008 05:25]
"OpwareSE2" = "C: \ Programmer \ ScanSoft \ OmniPageSE2.0 \ OpwareSE2.exe" [08/05/2003 12:00]
"OPSE reminder" = "C: \ Programmer \ ScanSoft \ OmniPageSE2.0 \ EregEng \ Ereg.exe" [07/07/2003 10:29]
"RegistryMechanic" = "" []
[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"TOSCDSPD" = "C: \ Programmer \ TOSHIBA \ TOSCDSPD \ toscdspd.exe" [11/04/2005 12:26]
"Ctfmon.exe" = "C: \ WINDOWS \ system32 \ Ctfmon.exe" [04/08/2004 14:00]
"PnPUI Registrator" = "C: \ Programmer \ Common Files \ Sitecom Shared \ PnP Universal Installer \ PnPUIReg.exe" [22/11/2004 21:04]
"MSMSGS" = "C: \ Programmer \ Messenger \ msmsgs.exe" [13/10/2004 17:24]
"SUPERAntiSpyware" = "C: \ Programmer \ SUPERAntiSpyware \ SUPERAntiSpyware.exe" [27/02/2007 12:39]
C: \ Documents and Settings \ All Users \ Menuen Start \ Programmer \ Start \
Exif Launcher.lnk - C: \ Programmer \ FinePixViewer \ QuickDCF.exe [09/01/2002 22:53:14]
Microsoft Office.lnk - C: \ Programmer \ Microsoft Office \ Office \ OSA9.EXE [21/01/2000 09:15:54]
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ policies \ system]
"DisableRegistryTools" = 0 (0x0)
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ policies \ Explorer]
"NoWelcomeScreen" = 1 (0x1)
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ ShellExecuteHooks]
"(5AE067D3-9AFB-48E0-853A-EBB7F4A000DA)" = C: \ Programmer \ SUPERAntiSpyware \ SASSEH.DLL [20/12/2006 13:55 77824]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ anmelde \! SASWinLogon]
C: \ Programmer \ SUPERAntiSpyware \ SASWINLO.dll 27/02/2007 12:39 282624 C: \ Programmer \ SUPERAntiSpyware \ SASWINLO.dll
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ anmelde \ detcdzqc]
athcfg11c.dll
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ LSA]
"Authentication Packages" = msv1_0 nwprovau
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Svchost - NetSvcs
buznlwxw

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ explorer \ mountpoints2 \ (a2fd87dd-a192-11dc-b600-0016e375ed46)]
AutoRun \ command-E: \ LaunchU3.exe


- End of Deckard's System Scanner: færdig på 2008-04-07 08:53:08 ------------


Hope all this makes sense to you

Regards
IANA
  #10  
Old 7 April 2008, 10:12
Editor Group
 
Default Trojan horse

You will need to do the steps HERE.
Copyright © 2006 - 2009 Computer Juice.
