mindre egenkapital

Magazine
Go Back   Computer Juice > Computer Software > Virus, Spyware & Sikkerhed
Reload this Page

Virus: iexplore.exe som system proces

Registrer Site Spy Medlem List Donate Søgning Dagens Stillinger Mark Forums Read Forum Regler

Register


 Default 

Virus: iexplore.exe som system proces




Reply
Side 1 af 2 1 2
 
Thread Tools
  #1  
Old 6 november 2008, 02:16
Ny Medlem Gruppen
  
Jeg kan ikke ud til at lukke iexplore.exe, selv når der ikke er Windows Stifinder åbnes. Annoncer altid dukker op fra tid til anden. Jeg vil også høre ad stemmer / lyde i baggrunden. Det er irriterende, og jeg føler som systemets ydeevne havde bremset. Please help. Dette er min HiJackThis log:

Logfile af HijackThis v1.99.1
Scan gemt på 4:15:28, om 11/6/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Kørende processer:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Programmer \ Alwil Software \ Avast4 \ aswUpdSv.exe
C: \ Programmer \ Alwil Software \ Avast4 \ ashServ.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Programmer \ ASUS \ Ai Suite \ AiNap \ AiNap.exe
C: \ Programmer \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe
C: \ WINDOWS \ RTHDCPL.EXE
C: \ Programmer \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Programmer \ iTunes \ iTunesHelper.exe
C: \ Programmer \ ASUS \ AASP \ 1.00.61 \ aaCenter.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programmer \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe
C: \ PROGRA ~ 1 \ FÆLLES ~ 1 \ Nokia \ MPAPI \ MPAPI3s.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Programmer \ Bonjour \ mDNSResponder.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ System32 \ PSIService.exe
C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
C: \ Programmer \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
C: \ Programmer \ iPod \ bin \ iPodService.exe
C: \ Programmer \ Alwil Software \ Avast4 \ ashMaiSv.exe
C: \ Programmer \ Alwil Software \ Avast4 \ ashWebSv.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Programmer \ Winamp \ winamp.exe
C: \ Programmer \ Real \ RealPlayer \ RealPlay.exe
C: \ WINDOWS \ system32 \ s1S8Dh6X.exe
C: \ Programmer \ Internet Explorer \ iexplore.exe
C: \ Programmer \ Internet Explorer \ iexplore.exe
C: \ Programmer \ HijackThis \ HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programmer \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: IE2EMBHO Class - (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E) - C: \ Programmer \ eMule \ modules \ IE2EM.dll
O2 - BHO: RealPlayer Download og Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Programmer \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [Ai nap] "C: \ Programmer \ ASUS \ Ai Suite \ AiNap \ AiNap.exe"
O4 - HKLM \ .. \ Run: [CPU Power Monitor] "C: \ Programmer \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe"
O4 - HKLM \ .. \ Run: [CPU Level Up help] C: \ Programmer \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe
O4 - HKLM \ .. \ Run: [ASUS Energy Saving] "C: \ Programmer \ ASUS \ Ai Suite \ energibesparende \ PwSave.exe"
O4 - HKLM \ .. \ Run: [Ulead AutoDetector v2] C: \ Programmer \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe
O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Programmer \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programmer \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Programmer \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [NvMediaCenter] rundll32.exe C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Programmer \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [NSLauncher] C: \ Programmer \ Nokia \ Nokia Software Launcher \ NSLauncher.exe / start
O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [\ \ MING3 \ Epson Stylus C120 Series] C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATIC CA.EXE / FU "C: \ DOCUME ~ 1 \ MKJ \ LOCALS ~ 1 \ Temp \ E_S13.tmp "/ EF" HKLM "
O4 - HKCU \ .. \ Run: [PcSync] C: \ Programmer \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe / NoDialog
O8 - Extra sammenhæng menupunkt: Add to Google Photos Screensa & ver - res: / / C: \ WINDOWS \ system32 \ GPhotos.scr/200
O8 - Extra context menu item: Download af easyMule - C: \ Programmer \ eMule \ IE2EM.htm
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file mangler)
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file mangler)
O9 - Ekstra knap: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O10 - Ukendt fil i Winsock LSP: c: \ Programmer \ Bonjour \ mdnsnsp.dll
O11 - Valg gruppe: [INTERNATIONAL] International *
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5 Control) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://www.update.microsoft.com/wind...?1224821007296
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1224825458984
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O20 - Winlogon Notify: dimsntfy -% SystemRoot% \ System32 \ dimsntfy.dll (filen mangler)
O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll
O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Programmer \ Alwil Software \ Avast4 \ aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C: \ Programmer \ Alwil Software \ Avast4 \ ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown ejer - C: \ Programmer \ Alwil Software \ Avast4 \ ashMaiSv.exe "/ service (file mangler)
O23 - Service: avast! Web Scanner - Unknown ejer - C: \ Programmer \ Alwil Software \ Avast4 \ ashWebSv.exe "/ service (file mangler)
O23 - Service: Bonjour Service - Apple Inc. - C: \ Programmer \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Programmer \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Programmer \ iPod \ bin \ iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: ProtexisLicensing - Ukendt ejer - C: \ WINDOWS \ System32 \ PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C: \ Programmer \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
O23 - Service: synspunkt Manager Service - synspunkt Corporation - C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
  #2  
Old 6 november 2008, 09:37
Redaktør Gruppen
  
Downloade CCleaner Slim og gemme den til dit skrivebord.
Når filen er gemt, skal du gå til dit skrivebord og dobbeltklik på den ccsetupxxx_slim.exe
Følg anvisningerne for at installere programmet.
Fuldføre installationen derefter:
  • Dobbeltklik på CCleaner genvej på skrivebordet for at starte programmet.
  • Klik på Valg blok til venstre, vælg derefter Cookies.
    • Under Cookies til at Slet, Fremhæve eventuelle cookies, du gerne vil beholde permanent
    • Klik på højrepilen > at flytte dem til Cookies til at holde vinduet.
  • Gå ind Valg > Avanceret unkontrollere Kun slette filer i Windows Temp mapper ældre end 48 timer
  • Klik på Renere på venstre derefter Kør Cleaner om retten til at køre programmet.
  • Vigtigt: Sørg for, at ALLE browser vinduer er lukket før udvælgelsen Kør Cleaner
  • Forsigtig: Det anbefales ikke at du bruger 'Registry' funktion, medmindre du er meget fortrolig med registreringsdatabasen.
  • Afslut CCleaner efter at det har afsluttet sit proces.

----------

Nu installere den nye version af HijackThis og post loggen fra det.

Downloade TrendMicro HijackThis.exe (HJT) til skrivebordet.
  • Dobbeltklik på HJTInstall.
  • Klik på Installer knappen.
  • Det vil automatisk placere HJT i C: \ Programmer \ TrendMicro \ HijackThis \ HijackThis.exe.
  • Efter installere, HijackThis bør åbne for dig.
  • Klik på Må en systemscanning og gemme en logfil knappen
  • HijackThis scanner og derefter en log åbnes i Notesblok.
  • Kopier og derefter indsætte hele indholdet i loggen i dit indlæg.
  • Må ikke har HijackThis fastsætte noget endnu. Det meste af det, det finder er ufarlige eller ligefrem nødvendig.
__________________
  #3  
Old 6 november 2008, 16:19
Ny Medlem Gruppen
  
Jeg kørte CCleaner og geninstalleret den nye version af HiJackThis.

Logfile af Trend Micro HijackThis v2.0.2
Scan gemt på 6:18:15, om 11/6/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Kørende processer:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Programmer \ Alwil Software \ Avast4 \ aswUpdSv.exe
C: \ Programmer \ Alwil Software \ Avast4 \ ashServ.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Programmer \ ASUS \ Ai Suite \ AiNap \ AiNap.exe
C: \ Programmer \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe
C: \ WINDOWS \ RTHDCPL.EXE
C: \ Programmer \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Programmer \ iTunes \ iTunesHelper.exe
C: \ Programmer \ ASUS \ AASP \ 1.00.61 \ aaCenter.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Programmer \ Bonjour \ mDNSResponder.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ System32 \ PSIService.exe
C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
C: \ Programmer \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
C: \ Programmer \ iPod \ bin \ iPodService.exe
C: \ Programmer \ Alwil Software \ Avast4 \ ashMaiSv.exe
C: \ Programmer \ Alwil Software \ Avast4 \ ashWebSv.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ s1S8Dh6X.exe
C: \ Programmer \ Adobe \ Reader 8.0 \ Reader \ AcroRd32.exe
C: \ PROGRA ~ 1 \ FÆLLES ~ 1 \ pcsuite \ DATALA ~ 1 \ DATALA ~ 1.exe
C: \ WINDOWS \ system32 \ conime.exe
C: \ Programmer \ CCleaner \ CCleaner.exe
C: \ Programmer \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Programmer \ Trend Micro \ HijackThis \ HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programmer \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: IE2EMBHO Class - (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E) - C: \ Programmer \ eMule \ modules \ IE2EM.dll
O2 - BHO: RealPlayer Download og Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Programmer \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [Ai nap] "C: \ Programmer \ ASUS \ Ai Suite \ AiNap \ AiNap.exe"
O4 - HKLM \ .. \ Run: [CPU Power Monitor] "C: \ Programmer \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe"
O4 - HKLM \ .. \ Run: [CPU Level Up help] C: \ Programmer \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe
O4 - HKLM \ .. \ Run: [ASUS Energy Saving] "C: \ Programmer \ ASUS \ Ai Suite \ energibesparende \ PwSave.exe"
O4 - HKLM \ .. \ Run: [Ulead AutoDetector v2] C: \ Programmer \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe
O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Programmer \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programmer \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Programmer \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [NvMediaCenter] rundll32.exe C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Programmer \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [NSLauncher] C: \ Programmer \ Nokia \ Nokia Software Launcher \ NSLauncher.exe / start
O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [\ \ MING3 \ Epson Stylus C120 Series] C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATIC CA.EXE / FU "C: \ DOCUME ~ 1 \ MKJ \ LOCALS ~ 1 \ Temp \ E_S13.tmp "/ EF" HKLM "
O4 - HKCU \ .. \ Run: [PcSync] C: \ Programmer \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe / NoDialog
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2009] C: \ Programmer \ Uniblue \ RegistryBooster \ RegistryBooster.exe / S
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'Default user')
O8 - Extra sammenhæng menupunkt: Add to Google Photos Screensa & ver - res: / / C: \ WINDOWS \ system32 \ GPhotos.scr/200
O8 - Extra context menu item: Download af easyMule - C: \ Programmer \ eMule \ IE2EM.htm
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Ekstra knap: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O15 - ESC Trusted Zone: http:// *. update.microsoft.com
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5 Control) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://www.update.microsoft.com/wind...?1224821007296
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1224825458984
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Programmer \ Alwil Software \ Avast4 \ aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C: \ Programmer \ Alwil Software \ Avast4 \ ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C: \ Programmer \ Alwil Software \ Avast4 \ ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C: \ Programmer \ Alwil Software \ Avast4 \ ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C: \ Programmer \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Programmer \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Programmer \ iPod \ bin \ iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: ProtexisLicensing - Ukendt ejer - C: \ WINDOWS \ System32 \ PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C: \ Programmer \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
O23 - Service: synspunkt Manager Service - synspunkt Corporation - C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
--
End of file - 7422 bytes



Hvad er det næste skridt?

Tak for din hjælp.
  #4  
Old 6 november 2008, 16:53
Redaktør Gruppen
  
Mistænkelige filer for at scanne

Gå til VirSCAN.org gratis online scanning service
(Hvis mere end én fil behov scannet de skal ske særskilt og logfiler indsendt for hver en)

1. Kopier og indsæt følgende filstien i Mistænkelige filer for at scanne rubrik på toppen af siden.
Code:
C: \ WINDOWS \ system32 \ s1S8Dh6X.exe
2. Ved upload site, klik en gang inde i vinduet ved siden af Browse.
3. Tryk Ctrl + V på tastaturet (begge dele på samme tid) for at indsætte filstien i vinduet.
4. Klik på Upload knappen.
Dette vil foretage en scanning på tværs af flere forskellige virusscanningen motorer.
Din fil vil muligvis være trådt i en kø, der normalt tager mindre end et minut til at klare.
Vigtigt: Vent, til alle de scanning motorer til at fuldføre.
5. Når scanningen er fuldført skal du rulle ned og klikke på Kopier til Udklipsholder knappen. Dette vil kopiere linket af rapporten i Udklipsholder.
6. Indsæt indholdet af Udklipsholder i dit næste svar.
__________________
  #5  
Old 6. november 2008, 17:19
Ny Medlem Gruppen
  
Her er klippebordet info for filen s1S8Dh6X.exe.

Fil information Filnavn: s1S8Dh6X.exeFile Størrelse: 62.464 byteFile Type: PE32 eksekverbare til MS Windows (GUI) Intel 80386 32-bitMD5: 895f4e2eed5a30e317460e66989042d0SHA1: 8d133ba222ce2d511ff28d900586e79041a8b4cfScanner resultater Scanner resultater: 8% Scanner (3 / 39) fundet malware! Time: 2008 / 11/06 19:15:08 (EST)ScannerEngine VerSig VerSig DatoScan resultatTida-squared4.0.0.232008.11.032008-11-03--
1.832AhnLab V32008.11.07.012008.11.072008-11-07--
0.987AntiVir7.9.0.267.1.0.492008-11-06--
1.503Antiy2.0.1820081106.15602992008-11-06--
0.122Arcavir1.0.52008110611442008-11-06--
1.227Authentium5.1.12008110611422008-11-06--
1.367AVAST! 3.0.1081106-02008-11-06--
0.725AVG7.5.52.442270.9.0/17722008-11-06Clicker.TXO
1.691BitDefender7.60825.20709477.217192008-11-07--
3.401CA (EUD) 9.0.0.14331.6.61952008-11-06--
7.230ClamAV0.9485842008-11-07--
0.021Comodo2.112.0.0.6992008-11-06--
0.422CP Secure1.1.0.7152008.11.062008-11-06--
6.447Dr.Web4.44.0.91702008.11.062008-11-06--
3.465ewido4.0.0.22008.11.062008-11-06--
3.024F-Prot4.4.4.56200811062008-11-06--
1.293F-Secure5.51.61002008.11.06.112008-11-06--
3.681Fortinet2.81-3.1179.6922008-11-06--
0.215GData19.1393/19.94200811072008-11-07--
2.739IkarusT3.1.01.452008.11.06.718072008-11-06--
3.517JiangMin11.0.7062008.11.062008-11-06--
1.312Kaspersky5.5.102008.11.062008-11-06--
0.034KingSoft2008.9.8.182008.11.6.202008-11-06--
0.690McAfee5.3.0054262008-11-06--
2.352Microsoft1.41042008.11.072008-11-07--
8.785mks_vir2.012008.11.062008-11-06--
2.720Norman5.93.015.93.002008-11-06--
5.480nProtect2008-11-06,0023828662008-11-06--
5.379Panda9.05.012008.11.062008-11-06--
3.744Quick Heal9.502008.09.122008-09-12--
2.520Rising20.021.02.32.002008-11-06--
3.054Sophos2.80.04.352008-11-07Mal / EncPk-CZ
1.881Sunbelt3.1.1783.223742008-11-04--
1.058Symantec1.3.0.2420081106.0042008-11-06Infostealer
0.046The Hacker6.3.1.1v001432008-11-06--
0.445Trend Micro8.700-10045.642.172008-11-06--
0.028VBA323.12.8.920081106.17172008-11-06--
1.390ViRobot200811052008.11.052008-11-05--
0.398VirusBuster4.5.11.1010.90.27/6712492008-11-06--
0.876Thanks
  #6  
Old 6 november 2008, 17:30
Ny Medlem Gruppen
  
http://virscan.org/report/3510c11282...b9674c0c1.html

Thats linket til den scannede fil.
  #7  
Old 6 november 2008, 17:39
Redaktør Gruppen
  
Download ComboFix ved Subs fra et af nedenstående links. Vær sikker på toppen gemme den til Desktop.

Link # 1
Link # 2

** Note: Det er vigtigt, at den er gemt direkte til dit skrivebord

Luk alle åbne Internet-browsere. (Firefox, Internet Explorer, osv.), før du begynder ComboFix.

Midlertidigt deaktivere din antivirus, Og enhver antispyware realtid beskyttelse før udførelse af en scanning. Klik på dette link at se en liste over sikkerhedsprogrammer, der skal være slået fra, og hvordan du deaktivere dem.

Dobbeltklik combofix.exe & følg instruktionerne.

For Windows XP Systems installere genoprettelseskonsollen:

- Hvis du bruger Windows XP og ikke allerede har Genoprettelseskonsol installeret, skal du sikre, at din internetforbindelse er aktiv (hvis muligt) og klik Ja.
- Hvis der af en eller anden grund din internetudbyder ikke fungerer klik Nej.
-- Hvis du ikke bruger Windows XP, vil du ikke blive bedt.
- Når du bliver bedt om at acceptere slutbrugerlicensaftalen klik OK.
- Accepter Microsofts EULA (Klik Ja).
- Når du får at vide, at de RC er installeret korrekt klik JA at fortsætte med at scanne for malware.

Når du er færdig ComboFix vil udarbejde en log for dig.
Post den ComboFix log i dit næste svar.

Vigtigt: Må ikke mouseclick ComboFix vindue mens den kører. Det kan få det til at stå.

Husk at genaktivere dine antivirus-og antispyware beskyttelse, når ComboFix er færdig.
__________________
  #8  
Old 6 november 2008, 17:57
Ny Medlem Gruppen
  
ComboFix Log

ComboFix 08-11-05.02 - MKJ 2008-11-06 19:51:34.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3144 [GMT -5:00]
Running from: C: \ Documents and Settings \ MKJ \ Desktop \ ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2008/10/07 til 2008/11/07 ))))))))))) ))))))))))))))))))))
.
2008-11-06 18:15. 2008-11-06 18:15 <DIR> d -------- C: \ program files \ CCleaner
2008-11-06 03:51. 2008-11-06 03:51 <DIR> d -------- C: \ program files \ Trend Micro
2008-11-06 03:22. 2008-11-06 03:22 <DIR> d -------- C: \ Programmer \ Alwil Software
2008-11-06 02:10. 2008-11-06 02:10 <DIR> d -------- C: \ program files \ Reference Assemblies
2008-11-06 02:07. 2008-11-06 02:07 <DIR> dr-h ----- C: \ AHCache
2008-11-05 23:11. 2008-11-06 02:12 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Uniblue
2008-11-05 22:05. 2008-11-05 22:05 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Malwarebytes
2008-11-05 22:04. 2008-11-05 22:04 <DIR> d -------- C: \ Documents and Settings \ Administrator
2008-11-05 16:34. 2008-11-05 16:34 <DIR> d -------- C: \ program files \ Xanga Uploader
2008-11-05 16:34. 2008-11-05 16:34 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \. Xuploader
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ program files \ Malwarebytes 'Anti-Malware
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Malwarebytes
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-11-05 16:08. 2008-10-22 16:10 38.496 - a ------ C: \ Windows \ system32 \ drivers \ mbamswissarmy.sys
2008-11-05 16:08. 2008-10-22 16:10 15.504 - a ------ C: \ Windows \ system32 \ drivers \ mbam.sys
2008-11-05 15:38. 2008-11-05 15:38 62.464 - a ------ C: \ Windows \ system32 \ s1S8Dh6X.exe
2008-11-01 16:18. 2008-11-01 16:18 <DIR> d -------- C: \ Windows \ system32 \ IOSUBSYS
2008-11-01 16:18. 2008-11-01 16:18 <DIR> d -------- C: \ Programmer \ Google
2008-10-28 02:00. 2008-10-28 02:00 <DIR> d -------- C: \ program files \ MSXML 4.0
2008-10-28 01:19. 2008-10-28 01:19 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Nokia
2008-10-28 01:19. 2008-10-28 01:19 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Datalayer
2008-10-28 01:18. 2008-10-30 05:43 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Phone Browser
2008-10-28 00:55. 2008-10-28 00:55 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ DivX
2008-10-28 00:54. 2008-10-28 00:54 <DIR> d -------- C: \ Programmer \ Windows Media Components
2008-10-28 00:54. 2005-06-10 09:43 73.728 - a ------ C: \ Windows \ system32 \ ISUSPM.cpl
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ program files \ DIFX
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ Programmer \ Common Files \ Nokia
2008-10-28 00:50. 2008-10-28 00:58 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ PC Suite
2008-10-28 00:50. 2008-10-28 00:58 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PC Suite
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Downloaded Installations
2008-10-28 00:50. 2006-05-29 07:26 127.488 - a ------ C: \ Windows \ system32 \ drivers \ nmwcd.sys
2008-10-28 00:50. 2006-05-29 07:26 50.688 - a ------ C: \ Windows \ system32 \ nmwcdcls.dll
2008-10-28 00:50. 2006-05-29 07:26 30.720 - a ------ C: \ Windows \ system32 \ nmwcdcocls.dll
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ C: \ Windows \ system32 \ drivers \ nmwcdcm.sys
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ C: \ Windows \ system32 \ drivers \ nmwcdcj.sys
2008-10-28 00:50. 2006-05-29 07:26 8.704 - a ------ C: \ Windows \ system32 \ drivers \ nmwcdc.sys
2008-10-28 00:50. 2006-05-29 07:26 4.608 - a ------ C: \ Windows \ system32 \ nmwcdlog.dll
2008-10-28 00:49. 2008-10-28 00:49 <DIR> d -------- C: \ Windows \ Downloaded Installations
2008-10-28 00:49. 2008-10-28 00:51 <DIR> d -------- C: \ program files \ Nokia
2008-10-28 00:49. 2008-10-28 00:50 <DIR> d -------- C: \ Program Files \ Common Files \ pcsuite
2008-10-27 23:54. 2008-10-27 23:54 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ EPSON
2008-10-27 21:55. 2008-10-27 21:55 <DIR> d -------- C: \ program files \ Ventrilo
2008-10-27 21:55. 2008-10-27 21:55 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard
2008-10-27 21:55. 2008-10-27 21:56 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Ventrilo
2008-10-27 21:13. 2008-11-06 19:50 160.100 - a ------ C: \ Windows \ system32 \ nvapps.xml
2008-10-27 21:05. 2008-11-05 16:09 <DIR> da ------ C: \ Documents and Settings \ All Users \ Application Data \ TEMP
2008-10-26 23:48. 2008-11-06 05:29 <DIR> d -------- C: \ program files \ eMule
2008-10-26 13:53. 2008-10-26 13:53 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Viewpoint
2008-10-25 19:37. 2008-10-25 19:37 <DIR> d -------- C: \ program files \ iPod
2008-10-25 19:37. 2008-10-25 19:37 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Apple Computer
2008-10-25 19:37. 2008-04-17 12:12 107.368 - a ------ C: \ Windows \ system32 \ GEARAspi.dll
2008-10-25 19:37. 2008-04-17 12:12 15.464 - a ------ C: \ Windows \ system32 \ drivers \ GEARAspiWDM.sys
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Programmer \ QuickTime
2008-10-25 19:36. 2008-10-25 19:37 <DIR> d -------- C: \ program files \ iTunes
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ program files \ Bonjour
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Programmer \ Apple Software Update
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple Computer
2008-10-25 19:36. 2008-10-25 19:37 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ (3276BE95_AF08_429F_A64F_CA64CB79BCF6)
2008-10-25 19:35. 2008-10-25 19:36 <DIR> d -------- C: \ Programmer \ Common Files \ Apple
2008-10-25 19:35. 2008-10-25 19:35 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple
2008-10-24 18:11. 2007-07-30 18:19 271.224 - a ------ C: \ Windows \ system32 \ mucltui.dll
2008-10-24 18:11. 2007-07-30 18:19 30.072 - a ------ C: \ Windows \ system32 \ mucltui.dll.mui
2008-10-24 15:39. 2008-10-24 15:39 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Blizzard
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ program files \ Real
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ Program Files \ Common Files \ xing delt
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ Program Files \ Common Files \ Real
2008-10-24 14:07. 2008-10-24 14:07 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Logs
2008-10-24 13:59. 2008-10-24 13:59 <DIR> d -------- C: \ Logs
2008-10-24 10:05. 2008-10-27 21:15 <DIR> d -------- C: \ Windows \ nView
2008-10-24 10:05. 2008-01-10 01:30 442.368-ra ------ C: \ Windows \ system32 \ nvusmb.exe
2008-10-24 10:05. 2008-03-06 15:23 442.368 - a ------ C: \ Windows \ system32 \ NVUNINST.EXE
2008-10-24 10:05. 2008-03-19 04:04 442.368 - a ------ C: \ Windows \ system32 \ nvudisp.exe
2008-10-24 10:05. 2007-09-27 22:32 356.352-ra ------ C: \ Windows \ system32 \ nvusmu.exe
2008-10-24 10:05. 2008-01-03 17:26 17.737 - a ------ C: \ Windows \ system32 \ nvdisp.nvu
2008-10-24 10:05. 2007-10-12 03:53 13.312-ra ------ C: \ Windows \ system32 \ drivers \ nvsmu.sys
2008-10-24 10:05. 2007-12-07 03:12 5.836 - a ------ C: \ Windows \ system32 \ nvnrm.nvu
2008-10-24 10:05. 2008-01-16 17:17 3.948-ra ------ C: \ Windows \ system32 \ drivers \ nvphy.bin
2008-10-24 10:05. 2007-12-07 01:34 2.016-ra ------ C: \ Windows \ system32 \ nvsmb.nvu
2008-10-24 10:05. 2007-09-12 01:14 659-ra ------ C: \ Windows \ system32 \ nvsmu.nvu
2008-10-24 10:04. 2008-10-23 22:44 35.647 - a ------ C: \ Windows \ Ascd_log.ini
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-06 10:37 --------- d ----- wc: \ program files \ AIMTunes
2008-11-04 21:36 --------- d ----- wc: \ program files \ World of Warcraft
2008-10-28 05:55 --------- d ----- wc: \ program files \ Common Files \ Ulead Systems
2008-10-28 05:55 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ Ulead Systems
2008-10-28 05:54 --------- d ----- wc: \ program files \ Ulead Systems
2008-10-28 05:54 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Ulead Systems
2008-10-28 05:53 --------- d - h - wc: \ program files \ InstallShield Installation Information
2008-10-28 05:02 --------- d ----- wc: \ program files \ Common Files \ Adobe
2008-10-24 19:24 499.712 ---- aw C: \ Windows \ system32 \ msvcp71.dll
2008-10-24 19:24 348.160 ---- aw C: \ Windows \ system32 \ msvcr71.dll
2008-10-24 14:51 --------- d ----- wc: \ Programmer \ Microsoft frontpage
2008-10-24 07:55 --------- d ----- wc: \ Programmer \ MSN Messenger
2008-10-24 06:09 --------- d ----- wc: \ Programmer \ Microsoft CAPICOM 2.1.0.2
2008-10-24 05:44 --------- d ----- wc: \ program files \ Winamp
2008-10-24 05:44 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ Winamp
2008-10-24 05:40 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ acccore
2008-10-24 05:39 --------- d ----- wc: \ program files \ AIM6
2008-10-24 05:39 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads
2008-10-24 05:38 --------- d ----- wc: \ program files \ Viewpoint
2008-10-24 05:38 --------- d ----- wc: \ program files \ Common Files \ AOL
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Viewpoint
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL OCP
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ acccore
2008-10-24 05:32 --------- d ----- wc: \ program files \ Common Files \ Blizzard Entertainment
2008-10-24 05:20 --------- d ----- wc: \ Programmer \ Windows Media Connect 2
2008-10-24 05:10 --------- d ----- wc: \ program files \ DivX
2008-10-24 05:08 --------- d ----- wc: \ program files \ DefilerPak
2008-10-24 04:37 --------- d ----- wc: \ program files \ Realtek
2008-10-24 04:33 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Symantec
2008-10-24 04:18 --------- d ----- wc: \ program files \ Common Files \ Symantec Shared
2008-10-24 03:58 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ InstallShield
2008-10-24 03:57 --------- d ----- wc: \ program files \ Common Files \ InstallShield
2008-10-24 03:54 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Corel
2008-10-24 03:33 --------- d ----- wc: \ program files \ ASUS
2008-10-24 03:08 315.392 ---- aw C: \ Windows \ HideWin.exe
2008-10-24 03:08 --------- d ----- wc: \ program files \ profil
2008-10-24 00:18 2.302.017 ---- aw C: \ Windows \ system32 \ GPhotos.scr
2008-09-23 22:46 245.408 ---- aw C: \ Windows \ system32 \ unicows.dll
2008-09-15 12:12 1.846.400 ---- aw C: \ Windows \ system32 \ Win32k.sys
2008-09-08 10:41 333.824 ---- aw C: \ Windows \ system32 \ drivers \ Srv.sys
2008-08-29 14:18 87.336 ---- aw C: \ Windows \ system32 \ dns-sd.exe
2008-08-29 13:53 61.440 ---- aw C: \ Windows \ system32 \ dnssd.dll
2008-08-26 07:24 826.368 ---- aw C: \ Windows \ system32 \ Wininet.dll
2008-08-14 10:09 2.145.280 ---- aw C: \ Windows \ system32 \ ntoskrnl.exe
2008-08-14 09:33 2.023.936 ---- aw C: \ Windows \ system32 \ Ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & legit default entries er ikke vist
REGEDIT4
[HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E)]
2008-10-23 02:37 147928 - a ------ C: \ program files \ eMule \ modules \ IE2EM.dll
[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"CTFMON.EXE" = "c: \ windows \ system32 \ CTFMON.EXE" [2008-04-13 15360]
"\ \ MING3 \ EPSON Stylus C120 Series "=" c: \ Windows \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATICCA.EXE "[2007-03-12 182272]
"PcSync" = "c: \ Programmer \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe" [2006-06-27 1449984]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"PHIME2002ASync" = "c: \ Windows \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A" = "c: \ Windows \ System32 \ IME \ TINTLGNT \ TIN TSETP.EXE" [2004-08-04 455168]
"Ai Nap" = "c: \ program files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe" [2008-01-28 1413120]
"CPU Power Monitor" = "c: \ program files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe" [2008-01-09 627200]
"Cpu Level Up help" = "c: \ program files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe" [2007-11-30 881152]
"ASUS Energy Saving" = "c: \ program files \ ASUS \ Ai Suite \ energibesparende \ PwSave.exe" [2008-01-28 1352704]
"Ulead AutoDetector v2" = "c: \ program files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe" [2006-11-29 90112]
"MSMSGS" = "c: \ program files \ Common Files \ Real \ iTunes \ iTunesHelper.exe" [2008-10-24 185872]
"QuickTime Task" = "c: \ Programmer \ QuickTime \ qttask.exe" [2008-09-06 413696]
"iTunesHelper" = "c: \ Programmer \ iTunes \ iTunesHelper.exe" [2008-10-01 289576]
"NvMediaCenter" = "c: \ windows \ system32 \ NvMcTray.dll" [2008-01-03 13508608]
"NvCplDaemon" = "c: \ windows \ system32 \ NvMcTray. Dll" [2008-01-03 86016]
"Adobe Reader Speed Launcher" = "c: \ Programmer \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe" [2008-01-11 39792]
"NSLauncher" = "c: \ Programmer \ Nokia \ Nokia Software Launcher \ NSLauncher.exe" [2006-11-28 2658304]
"avast!" = "c: \ progra ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp. exe" [2008-07-19 78008]
"Alcmtr" = "ALCMTR.EXE" [2008/05/07 C: \ Windows \ ALCMTR.EXE]
"NvMediaCenter" = "nwiz.exe" [2008/01/03 c: \ windows \ system32 \ nwiz.exe]
[HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ Run]
"CTFMON.EXE" = "c: \ Windows \ System32 \ CTFMON.EXE" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ drivers32]
"msacm.dvacm" = c: \ progra ~ 1 \ FÆLLES ~ 1 \ ULEADS ~ 1 \ Vio \ Dvacm.acm
"msacm.divxa32" = DivXa32.acm
"msacm.ulmp3acm" = c: \ progra ~ 1 \ FÆLLES ~ 1 \ ULEADS ~ 1 \ MPEG \ ulmp3acm.acm
"msacm.mpegacm" = c: \ progra ~ 1 \ FÆLLES ~ 1 \ ULEADS ~ 1 \ MPEG \ mpegacm.acm
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnet3.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnet3 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnet3 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx30SP1setup.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx30SP1setup [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx30SP1setup [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx35.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx35setup.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx35setup [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx35setup [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx35 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx35 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3setup.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3setup [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3setup [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx30SP1_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx30SP1_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx30SP1_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx30SP1_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx30SP1_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx30SP1_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List]
"% windir% \ \ system32 \ \ sessmgr.exe" =
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"c: \ \ Programmer \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"c: \ \ Programmer \ \ AIM6 \ \ aim6.exe" =
"c: \ \ Programmer \ \ World of Warcraft \ \ WoW-2.3.0-enUS-downloader.exe" =
"c: \ \ Programmer \ \ MSN Messenger \ \ msnmsgr.exe" =
"c: \ \ Programmer \ \ MSN Messenger \ \ livecall.exe" =
"c: \ \ Programmer \ \ Bonjour \ \ mDNSResponder.exe" =
"c: \ \ Programmer \ \ iTunes \ \ iTunes.exe" =
"c: \ \ Programmer \ \ eMule \ \ emule.exe" =
[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ GloballyOpenPorts \ List]
"3724: TCP" = 3724: TCP: Blizzard Downloader: 3724
"12178: TCP" = 12178: TCP: BitComet 12178 TCP
"12178: UDP" = 12178: UDP: BitComet 12178 UDP
R1 aswSP; avast! Self Protection; c: \ windows \ system32 \ drivers \ aswSP.sys [2008-07-19 78416]
R2 aswFsBlk; aswFsBlk c: \ windows \ system32 \ DRIVERS \ aswF sBlk.sys [2008-07-19 20560]
R2 Viewpoint Manager Service; Viewpoint Manager Service c: \ program files \ Viewpoint \ Common \ ViewpointService.exe [2007-01-04 24652]
R3 NVHDA; Service for NVIDIA High Definition Audio Driver c: \ windows \ system32 \ drivers \ nvhda32.sys [2008-05-04 38560]
.
Indhold af "Planlagte opgaver" mappe
2008/11/01 C: \ Windows \ Tasks \ AppleSoftwareUpdate.job
- C: \ Programmer \ Apple Software Update \ SoftwareUpdate.exe [2008-07-30 11:34]
2008/11/06 C: \ Windows \ Tasks \ At1.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At10.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At11.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At12.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At13.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At14.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At15.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At16.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At17.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At18.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At19.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At2.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/07 C: \ Windows \ Tasks \ At20.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At21.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At22.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At23.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At24.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At3.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At4.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At5.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At6.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At7.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At8.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008/11/06 C: \ Windows \ Tasks \ At9.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
.
- - - - Forældreløse FJERNES - - - --
HKCU-Run-Uniblue RegistryBooster 2009 - c: \ Programmer \ Uniblue \ RegistryBooster \ RegistryBooster.exe
MSConfigStartUp-Uniblue RegistryBooster 2009 - c: \ program files \ Uniblue \ RegistryBooster \ RegistryBooster.exe

.
------- Supplerende Scan -------
.
R0 -: HKCU-Main, Start Page = ca: blank
R1 -: HKCU-Internet Settings, ProxyOverride = *. lokale
O8 -: Add to Google Billeder Screensa & ver - c: \ windows \ system32 \ GPhotos.scr/200
O8 -: Download af easyMule - c: \ program files \ eMule \ IE2EM.htm
.
************************************************** ************************
catchme 0.3.1367 W2K/XP/Vista - rootkit / stealth malware detector ved Gmer, http://www.gmer.net
Rootkit scan 2008-11-06 19:54:20
Windows 5.1.2600 Service Pack 3 NTFS
scanning skjulte processer ...
scanning skjulte autostart entries ...
scanning skjulte filer ...
scanning afsluttet med succes
skjulte filer: 0
************************************************** ************************
.
Completion time: 2008-11-06 19:54:45
ComboFix-quarantined-files.txt 2008-11-07 00:54:42
Pre-Run: 41621639168 bytes fri
Post-Run: 41699291136 bytes fri
396 --- EOF --- 2008-10-28 07:00:21
  #9  
Old 6 november 2008, 18:28
Redaktør Gruppen
  
Bemærk: nedenstående instruktioner var skabt specielt til denne bruger. Hvis du ikke er denne bruger, MÅ IKKE Følg disse anvisninger, som de kunne skade funktionen af dit system

Slet disse filer / mapper, som følger:

1. Gå til Start > Løbe > Type Notepad.exe og klik OK at åbne Notesblok.
Det skal være Notesblok ikke WordPad.
2. Kopier teksten i nedenstående kode boksen ved at markere al teksten og trykke på Ctrl + C

Code:
Killall:: File:: C: \ Windows \ system32 \ s1S8Dh6X.exe C: \ Windows \ Tasks \ At1.job C: \ Windows \ Tasks \ At10.job C: \ Windows \ Tasks \ At11.job C: \ windows \ Tasks \ At12.job C: \ Windows \ Tasks \ At13.job C: \ Windows \ Tasks \ At14.job C: \ Windows \ Tasks \ At15.job C: \ Windows \ Tasks \ At16.job C: \ Windows \ Tasks \ At17.job C: \ Windows \ Tasks \ At18.job C: \ Windows \ Tasks \ At19.job C: \ Windows \ Tasks \ At2.job C: \ Windows \ Tasks \ At20.job C: \ Windows \ Tasks \ At21.job C: \ Windows \ Tasks \ At22.job C: \ Windows \ Tasks \ At23.job C: \ Windows \ Tasks \ At24.job C: \ Windows \ Tasks \ At3.job c: \ windows \ Tasks \ At4.job c: \ Windows \ Tasks \ At5.job c: \ Windows \ Tasks \ At6.job c: \ Windows \ Tasks \ At7.job c: \ Windows \ Tasks \ At8.job c: \ windows \ Tasks \ At9.job
3. Gå til Notesblok-vinduet, og klik Redigér > Paste
4. Klik derefter på Fil > Gemme
5. Navngiv filen CFScript.txt - Gem filen på dit skrivebord
6. Derefter trække CFScript (hold venstre museknap nede, samtidig med at trække filen) og slippe det (release venstre museknap) i ComboFix.exe som du kan se i skærmbilledet nedenunder. Vigtigt: Udfør denne instruktion omhyggeligt!



ComboFix vil begynde at udføre, skal du blot følge instruktionerne.
Efter genstart (når den beder om at genstarte), den vil udarbejde en log for dig.
Post, at log (Combofix.txt) i dit næste svar.

Bemærk: Må ikke mouseclick ComboFix vindue mens den kører. Det kan forårsage dit system til at fryse
__________________
  #10  
Old 6 november 2008, 18:37
Ny Medlem Gruppen
  
ComboFix Log

ComboFix 08-11-05.02 - MKJ 2008-11-06 20:31:01.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2458 [GMT -5:00]
Running from: C: \ Documents and Settings \ MKJ \ Desktop \ ComboFix.exe
Command switches anvendes:: C: \ Documents and Settings \ MKJ \ Desktop \ CFScript.txt
* Skabt et nyt gendannelsespunkt
FILE::
c: \ windows \ system32 \ s1S8Dh6X.exe
C: \ Windows \ Tasks \ At1.job
c: \ Windows \ Tasks \ At10.job
c: \ Windows \ Tasks \ At11.job
c: \ Windows \ Tasks \ At12.job
c: \ Windows \ Tasks \ At13.job
c: \ Windows \ Tasks \ At14.job
c: \ Windows \ Tasks \ At15.job
c: \ Windows \ Tasks \ At16.job
c: \ Windows \ Tasks \ At17.job
c: \ Windows \ Tasks \ At18.job
c: \ Windows \ Tasks \ At19.job
c: \ Windows \ Tasks \ At2.job
c: \ Windows \ Tasks \ At20.job
c: \ Windows \ Tasks \ At21.job
c: \ Windows \ Tasks \ At22.job
c: \ Windows \ Tasks \ At23.job
c: \ Windows \ Tasks \ At24.job
c: \ Windows \ Tasks \ At3.job
c: \ Windows \ Tasks \ At4.job
c: \ Windows \ Tasks \ At5.job
c: \ Windows \ Tasks \ At6.job
c: \ Windows \ Tasks \ At7.job
c: \ Windows \ Tasks \ At8.job
c: \ Windows \ Tasks \ At9.job
.
((((((((((((((((((((((((((((((((((((((( Andre Bortfald ))))))))) ))))))))))))))))))))))))))))))))))))))))
.
c: \ windows \ system32 \ s1S8Dh6X.exe
C: \ Windows \ Tasks \ At1.job
c: \ Windows \ Tasks \ At10.job
c: \ Windows \ Tasks \ At11.job
c: \ Windows \ Tasks \ At12.job
c: \ Windows \ Tasks \ At13.job
c: \ Windows \ Tasks \ At14.job
c: \ Windows \ Tasks \ At15.job
c: \ Windows \ Tasks \ At16.job
c: \ Windows \ Tasks \ At17.job
c: \ Windows \ Tasks \ At18.job
c: \ Windows \ Tasks \ At19.job
c: \ Windows \ Tasks \ At2.job
c: \ Windows \ Tasks \ At20.job
c: \ Windows \ Tasks \ At21.job
c: \ Windows \ Tasks \ At22.job
c: \ Windows \ Tasks \ At23.job
c: \ Windows \ Tasks \ At24.job
c: \ Windows \ Tasks \ At3.job
c: \ Windows \ Tasks \ At4.job
c: \ Windows \ Tasks \ At5.job
c: \ Windows \ Tasks \ At6.job
c: \ Windows \ Tasks \ At7.job
c: \ Windows \ Tasks \ At8.job
c: \ Windows \ Tasks \ At9.job
.
((((((((((((((((((((((((( Files Created from 2008/10/07 til 2008/11/07 ))))))))))) ))))))))))))))))))))
.
2008-11-06 18:15. 2008-11-06 18:15 <DIR> d -------- C: \ program files \ CCleaner
2008-11-06 03:51. 2008-11-06 03:51 <DIR> d -------- C: \ program files \ Trend Micro
2008-11-06 03:22. 2008-11-06 03:22 <DIR> d -------- C: \ Programmer \ Alwil Software
2008-11-06 02:10. 2008-11-06 02:10 <DIR> d -------- C: \ program files \ Reference Assemblies
2008-11-06 02:07. 2008-11-06 02:07 <DIR> dr-h ----- C: \ AHCache
2008-11-05 23:11. 2008-11-06 02:12 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Uniblue
2008-11-05 22:05. 2008-11-05 22:05 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Malwarebytes
2008-11-05 22:04. 2008-11-05 22:04 <DIR> d -------- C: \ Documents and Settings \ Administrator
2008-11-05 16:34. 2008-11-05 16:34 <DIR> d -------- C: \ program files \ Xanga Uploader
2008-11-05 16:34. 2008-11-05 16:34 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \. Xuploader
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ program files \ Malwarebytes 'Anti-Malware
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Malwarebytes
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-11-05 16:08. 2008-10-22 16:10 38.496 - a ------ C: \ Windows \ system32 \ drivers \ mbamswissarmy.sys
2008-11-05 16:08. 2008-10-22 16:10 15.504 - a ------ C: \ Windows \ system32 \ drivers \ mbam.sys
2008-11-01 16:18. 2008-11-01 16:18 <DIR> d -------- C: \ Windows \ system32 \ IOSUBSYS
2008-11-01 16:18. 2008-11-01 16:18 <DIR> d -------- C: \ Programmer \ Google
2008-10-28 02:00. 2008-10-28 02:00 <DIR> d -------- C: \ program files \ MSXML 4.0
2008-10-28 01:19. 2008-10-28 01:19 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Nokia
2008-10-28 01:19. 2008-10-28 01:19 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Datalayer
2008-10-28 01:18. 2008-10-30 05:43 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Phone Browser
2008-10-28 00:55. 2008-10-28 00:55 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ DivX
2008-10-28 00:54. 2008-10-28 00:54 <DIR> d -------- C: \ Programmer \ Windows Media Components
2008-10-28 00:54. 2005-06-10 09:43 73.728 - a ------ C: \ Windows \ system32 \ ISUSPM.cpl
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ program files \ DIFX
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ Programmer \ Common Files \ Nokia
2008-10-28 00:50. 2008-10-28 00:58 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ PC Suite
2008-10-28 00:50. 2008-10-28 00:58 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PC Suite
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Downloaded Installations
2008-10-28 00:50. 2006-05-29 07:26 127.488 - a ------ C: \ Windows \ system32 \ drivers \ nmwcd.sys
2008-10-28 00:50. 2006-05-29 07:26 50.688 - a ------ C: \ Windows \ system32 \ nmwcdcls.dll
2008-10-28 00:50. 2006-05-29 07:26 30.720 - a ------ C: \ Windows \ system32 \ nmwcdcocls.dll
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ C: \ Windows \ system32 \ drivers \ nmwcdcm.sys
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ C: \ Windows \ system32 \ drivers \ nmwcdcj.sys
2008-10-28 00:50. 2006-05-29 07:26 8.704 - a ------ C: \ Windows \ system32 \ drivers \ nmwcdc.sys
2008-10-28 00:50. 2006-05-29 07:26 4.608 - a ------ C: \ Windows \ system32 \ nmwcdlog.dll
2008-10-28 00:49. 2008-10-28 00:49 <DIR> d -------- C: \ Windows \ Downloaded Installations
2008-10-28 00:49. 2008-10-28 00:51 <DIR> d -------- C: \ program files \ Nokia
2008-10-28 00:49. 2008-10-28 00:50 <DIR> d -------- C: \ Program Files \ Common Files \ pcsuite
2008-10-27 23:54. 2008-10-27 23:54 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ EPSON
2008-10-27 21:55. 2008-10-27 21:55 <DIR> d -------- C: \ program files \ Ventrilo
2008-10-27 21:55. 2008-10-27 21:55 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard
2008-10-27 21:55. 2008-10-27 21:56 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Ventrilo
2008-10-27 21:13. 2008-11-06 20:34 160.100 - a ------ C: \ Windows \ system32 \ nvapps.xml
2008-10-27 21:05. 2008-11-05 16:09 <DIR> da ------ C: \ Documents and Settings \ All Users \ Application Data \ TEMP
2008-10-26 23:48. 2008-11-06 05:29 <DIR> d -------- C: \ program files \ eMule
2008-10-26 13:53. 2008-10-26 13:53 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Viewpoint
2008-10-25 19:37. 2008-10-25 19:37 <DIR> d -------- C: \ program files \ iPod
2008-10-25 19:37. 2008-10-25 19:37 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Apple Computer
2008-10-25 19:37. 2008-04-17 12:12 107.368 - a ------ C: \ Windows \ system32 \ GEARAspi.dll
2008-10-25 19:37. 2008-04-17 12:12 15.464 - a ------ C: \ Windows \ system32 \ drivers \ GEARAspiWDM.sys
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Programmer \ QuickTime
2008-10-25 19:36. 2008-10-25 19:37 <DIR> d -------- C: \ program files \ iTunes
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ program files \ Bonjour
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Programmer \ Apple Software Update
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple Computer
2008-10-25 19:36. 2008-10-25 19:37 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ (3276BE95_AF08_429F_A64F_CA64CB79BCF6)
2008-10-25 19:35. 2008-10-25 19:36 <DIR> d -------- C: \ Programmer \ Common Files \ Apple
2008-10-25 19:35. 2008-10-25 19:35 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple
2008-10-24 18:11. 2007-07-30 18:19 271.224 - a ------ C: \ Windows \ system32 \ mucltui.dll
2008-10-24 18:11. 2007-07-30 18:19 30.072 - a ------ C: \ Windows \ system32 \ mucltui.dll.mui
2008-10-24 15:39. 2008-10-24 15:39 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Blizzard
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ program files \ Real
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ Program Files \ Common Files \ xing delt
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- C: \ Program Files \ Common Files \ Real
2008-10-24 14:07. 2008-10-24 14:07 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Logs
2008-10-24 13:59. 2008-10-24 13:59 <DIR> d -------- C: \ Logs
2008-10-24 10:05. 2008-10-27 21:15 <DIR> d -------- C: \ Windows \ nView
2008-10-24 10:05. 2008-01-10 01:30 442.368-ra ------ C: \ Windows \ system32 \ nvusmb.exe
2008-10-24 10:05. 2008-03-06 15:23 442.368 - a ------ C: \ Windows \ system32 \ NVUNINST.EXE
2008-10-24 10:05. 2008-03-19 04:04 442.368 - a ------ C: \ Windows \ system32 \ nvudisp.exe
2008-10-24 10:05. 2007-09-27 22:32 356.352-ra ------ C: \ Windows \ system32 \ nvusmu.exe
2008-10-24 10:05. 2008-01-03 17:26 17.737 - a ------ C: \ Windows \ system32 \ nvdisp.nvu
2008-10-24 10:05. 2007-10-12 03:53 13.312-ra ------ C: \ Windows \ system32 \ drivers \ nvsmu.sys
2008-10-24 10:05. 2007-12-07 03:12 5.836 - a ------ C: \ Windows \ system32 \ nvnrm.nvu
2008-10-24 10:05. 2008-01-16 17:17 3.948-ra ------ C: \ Windows \ system32 \ drivers \ nvphy.bin
2008-10-24 10:05. 2007-12-07 01:34 2.016-ra ------ C: \ Windows \ system32 \ nvsmb.nvu
2008-10-24 10:05. 2007-09-12 01:14 659-ra ------ C: \ Windows \ system32 \ nvsmu.nvu
2008-10-24 10:04. 2008-10-23 22:44 35.647 - a ------ C: \ Windows \ Ascd_log.ini
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-06 10:37 --------- d ----- wc: \ program files \ AIMTunes
2008-11-04 21:36 --------- d ----- wc: \ program files \ World of Warcraft
2008-10-28 05:55 --------- d ----- wc: \ program files \ Common Files \ Ulead Systems
2008-10-28 05:55 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ Ulead Systems
2008-10-28 05:54 --------- d ----- wc: \ program files \ Ulead Systems
2008-10-28 05:54 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Ulead Systems
2008-10-28 05:53 --------- d - h - wc: \ program files \ InstallShield Installation Information
2008-10-28 05:02 --------- d ----- wc: \ program files \ Common Files \ Adobe
2008-10-24 19:24 499.712 ---- aw C: \ Windows \ system32 \ msvcp71.dll
2008-10-24 19:24 348.160 ---- aw C: \ Windows \ system32 \ msvcr71.dll
2008-10-24 14:51 --------- d ----- wc: \ Programmer \ Microsoft frontpage
2008-10-24 07:55 --------- d ----- wc: \ Programmer \ MSN Messenger
2008-10-24 06:09 --------- d ----- wc: \ Programmer \ Microsoft CAPICOM 2.1.0.2
2008-10-24 05:44 --------- d ----- wc: \ program files \ Winamp
2008-10-24 05:44 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ Winamp
2008-10-24 05:40 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ acccore
2008-10-24 05:39 --------- d ----- wc: \ program files \ AIM6
2008-10-24 05:39 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads
2008-10-24 05:38 --------- d ----- wc: \ program files \ Viewpoint
2008-10-24 05:38 --------- d ----- wc: \ program files \ Common Files \ AOL
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Viewpoint
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL OCP
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ acccore
2008-10-24 05:32 --------- d ----- wc: \ program files \ Common Files \ Blizzard Entertainment
2008-10-24 05:20 --------- d ----- wc: \ Programmer \ Windows Media Connect 2
2008-10-24 05:10 --------- d ----- wc: \ program files \ DivX
2008-10-24 05:08 --------- d ----- wc: \ program files \ DefilerPak
2008-10-24 04:37 --------- d ----- wc: \ program files \ Realtek
2008-10-24 04:33 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Symantec
2008-10-24 04:18 --------- d ----- wc: \ program files \ Common Files \ Symantec Shared
2008-10-24 03:58 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ InstallShield
2008-10-24 03:57 --------- d ----- wc: \ program files \ Common Files \ InstallShield
2008-10-24 03:54 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Corel
2008-10-24 03:33 --------- d ----- wc: \ program files \ ASUS
2008-10-24 03:08 315.392 ---- aw C: \ Windows \ HideWin.exe
2008-10-24 03:08 --------- d ----- wc: \ program files \ profil
2008-10-24 00:18 2.302.017 ---- aw C: \ Windows \ system32 \ GPhotos.scr
2008-09-23 22:46 245.408 ---- aw C: \ Windows \ system32 \ unicows.dll
2008-09-15 12:12 1.846.400 ---- aw C: \ Windows \ system32 \ Win32k.sys
2008-09-08 10:41 333.824 ---- aw C: \ Windows \ system32 \ drivers \ Srv.sys
2008-08-29 14:18 87.336 ---- aw C: \ Windows \ system32 \ dns-sd.exe
2008-08-29 13:53 61.440 ---- aw C: \ Windows \ system32 \ dnssd.dll
2008-08-26 07:24 826.368 ---- aw C: \ Windows \ system32 \ Wininet.dll
2008-08-14 10:09 2.145.280 ---- aw C: \ Windows \ system32 \ ntoskrnl.exe
2008-08-14 09:33 2.023.936 ---- aw C: \ Windows \ system32 \ Ntkrnlpa.exe
.
((((((((((((((((((((((((((((( Snapshot@2008-11-06_19.54.31.75 )))))))))) )))))))))))))))))))))))))))))))
.
- 2008-11-06 23:26:54 49.198 ---- aw C: \ Windows \ system32 \ perfc009.dat
+ 2008-11-07 00:54:48 49.198 ---- aw C: \ Windows \ system32 \ perfc009.dat
- 2008-11-06 23:26:54 390.094 ---- aw C: \ Windows \ system32 \ perfh009.dat
+ 2008-11-07 00:54:48 390.094 ---- aw C: \ Windows \ system32 \ perfh009.dat
+ 2008-11-07 01:33:47 16.384 ---- atw C: \ Windows \ Temp \ Perflib_Perfdata_584.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & legit default entries er ikke vist
REGEDIT4
[HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E)]
2008-10-23 02:37 147928 - a ------ C: \ program files \ eMule \ modules \ IE2EM.dll
[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"CTFMON.EXE" = "c: \ windows \ system32 \ CTFMON.EXE" [2008-04-13 15360]
"\ \ MING3 \ EPSON Stylus C120 Series "=" c: \ Windows \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATICCA.EXE "[2007-03-12 182272]
"PcSync" = "c: \ Programmer \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe" [2006-06-27 1449984]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"PHIME2002ASync" = "c: \ Windows \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A" = "c: \ Windows \ System32 \ IME \ TINTLGNT \ TIN TSETP.EXE" [2004-08-04 455168]
"Ai Nap" = "c: \ program files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe" [2008-01-28 1413120]
"CPU Power Monitor" = "c: \ program files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe" [2008-01-09 627200]
"Cpu Level Up help" = "c: \ program files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe" [2007-11-30 881152]
"ASUS Energy Saving" = "c: \ program files \ ASUS \ Ai Suite \ energibesparende \ PwSave.exe" [2008-01-28 1352704]
"Ulead AutoDetector v2" = "c: \ program files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe" [2006-11-29 90112]
"MSMSGS" = "c: \ program files \ Common Files \ Real \ iTunes \ iTunesHelper.exe" [2008-10-24 185872]
"QuickTime Task" = "c: \ Programmer \ QuickTime \ qttask.exe" [2008-09-06 413696]
"iTunesHelper" = "c: \ Programmer \ iTunes \ iTunesHelper.exe" [2008-10-01 289576]
"NvMediaCenter" = "c: \ windows \ system32 \ NvMcTray.dll" [2008-01-03 13508608]
"NvCplDaemon" = "c: \ windows \ system32 \ NvMcTray. Dll" [2008-01-03 86016]
"Adobe Reader Speed Launcher" = "c: \ Programmer \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe" [2008-01-11 39792]
"NSLauncher" = "c: \ Programmer \ Nokia \ Nokia Software Launcher \ NSLauncher.exe" [2006-11-28 2658304]
"Alcmtr" = "ALCMTR.EXE" [2008/05/07 C: \ Windows \ ALCMTR.EXE]
"NvMediaCenter" = "nwiz.exe" [2008/01/03 c: \ windows \ system32 \ nwiz.exe]
[HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ Run]
"CTFMON.EXE" = "c: \ Windows \ System32 \ CTFMON.EXE" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ drivers32]
"msacm.dvacm" = c: \ progra ~ 1 \ FÆLLES ~ 1 \ ULEADS ~ 1 \ Vio \ Dvacm.acm
"msacm.divxa32" = DivXa32.acm
"msacm.ulmp3acm" = c: \ progra ~ 1 \ FÆLLES ~ 1 \ ULEADS ~ 1 \ MPEG \ ulmp3acm.acm
"msacm.mpegacm" = c: \ progra ~ 1 \ FÆLLES ~ 1 \ ULEADS ~ 1 \ MPEG \ mpegacm.acm
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnet3.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnet3 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnet3 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx30SP1setup.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx30SP1setup [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx30SP1setup [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx35.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx35setup.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx35setup [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx35setup [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx35 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx35 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3setup.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3setup [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3setup [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx3_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ dotnetfx [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP1_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx20SP2_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx30SP1_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx30SP1_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx30SP1_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx30SP1_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx30SP1_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx30SP1_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_ia64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_ia64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_ia64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_x64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_x64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_x64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_x86.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_x86 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx35_x86 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx64.exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx64 [1]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ billedfil udførelse options \ NetFx64 [2]. Exe]
"Debugger" = C: \ Windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List]
"% windir% \ \ system32 \ \ sessmgr.exe" =
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"c: \ \ Programmer \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"c: \ \ Programmer \ \ AIM6 \ \ aim6.exe" =
"c: \ \ Programmer \ \ World of Warcraft \ \ WoW-2.3.0-enUS-downloader.exe" =
"c: \ \ Programmer \ \ MSN Messenger \ \ msnmsgr.exe" =
"c: \ \ Programmer \ \ MSN Messenger \ \ livecall.exe" =
"c: \ \ Programmer \ \ Bonjour \ \ mDNSResponder.exe" =
"c: \ \ Programmer \ \ iTunes \ \ iTunes.exe" =
"c: \ \ Programmer \ \ eMule \ \ emule.exe" =
[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ GloballyOpenPorts \ List]
"3724: TCP" = 3724: TCP: Blizzard Downloader: 3724
"12178: TCP" = 12178: TCP: BitComet 12178 TCP
"12178: UDP" = 12178: UDP: BitComet 12178 UDP
R1 aswSP; avast! Self Protection; c: \ windows \ system32 \ drivers \ aswSP.sys [2008-07-19 78416]
R2 aswFsBlk; aswFsBlk c: \ windows \ system32 \ DRIVERS \ aswF sBlk.sys [2008-07-19 20560]
R2 Viewpoint Manager Service; Viewpoint Manager Service c: \ program files \ Viewpoint \ Common \ ViewpointService.exe [2007-01-04 24652]
R3 NVHDA; Service for NVIDIA High Definition Audio Driver c: \ windows \ system32 \ drivers \ nvhda32.sys [2008-05-04 38560]
.
Indhold af "Planlagte opgaver" mappe
2008/11/01 C: \ Windows \ Tasks \ AppleSoftwareUpdate.job
- C: \ Programmer \ Apple Software Update \ SoftwareUpdate.exe [2008-07-30 11:34]
.
************************************************** ************************
catchme 0.3.1367 W2K/XP/Vista - rootkit / stealth malware detector ved Gmer, http://www.gmer.net
Rootkit scan 2008-11-06 20:34:11
Windows 5.1.2600 Service Pack 3 NTFS
scanning skjulte processer ...
scanning skjulte autostart entries ...
scanning skjulte filer ...
scanning afsluttet med succes
skjulte filer: 0
************************************************** ************************
.
------------------------ Other Running Processes ----------------------- --
.
c: \ Programmer \ Alwil Software \ Avast4 \ aswUpdSv.exe
c: \ Programmer \ Alwil Software \ Avast4 \ ashServ.exe
c: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
c: \ Programmer \ Bonjour \ mDNSResponder.exe
C: \ Windows \ system32 \ nvsvc32.exe
C: \ Windows \ system32 \ PSIService.exe
c: \ program files \ ASUS \ AASP \ 1.00.61 \ aaCenter.exe
c: \ Programmer \ Alwil Software \ Avast4 \ ashMaiSv.exe
c: \ Programmer \ Alwil Software \ Avast4 \ ashWebSv.exe
C: \ Windows \ system32 \ rundll32.exe
c: \ Programmer \ iPod \ bin \ iPodService.exe
c: \ Programmer \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
c: \ progra ~ 1 \ FÆLLES ~ 1 \ Nokia \ MPAPI \ MPAPI3s.exe
.
************************************************** ************************
.
Completion time: 2008-11-06 20:36:06 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2008-11-07 01:36:02
ComboFix2.txt 2008-11-07 00:54:46
Pre-Run: 41668276224 bytes fri
Post-Run: 41678303232 bytes fri
418 --- EOF --- 2008-10-28 07:00:21

Tak
Reply
Side 1 af 2 1 2

Register
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Computer Juice.
Kontakt -- Privacy -- Sitemap -- Top

Annoncenetværk baseret på bytteøkonomi ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd SEO ved vBSEO © 2009, websteds egnethed til webcrawling, Inc.