Hej igen
Nu kommer de her
UPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 11/19/2007 at 05:08 PM
Application Version : 3.9.1008
Core Rules Database Version : 3346
Trace Rules Database Version: 1347
Scan type : Quick Scan
Total Scan Time : 00:00:11
Memory items scanned : 40
Memory threats detected : 0
Registry items scanned : 0
Registry threats detected : 0
File items scanned : 0
File threats detected : 0
--------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:11:08, on 19-11-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Programmer\Arcade\PCMService.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\acer\Empowering Technology\ePower\epm-dm.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\OpenOffice.org 2.3\program\soffice.exe
C:\Programmer\OpenOffice.org 2.3\program\soffice.BIN
C:\Programmer\Fælles filer\Logitech\KhalShared\KHALMNPR.EXE
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmer\HJTrenamed.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.dk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://global.acer.com/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {ADECBED6-0366-4377-A739-E69DFBA04663} - (no file)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programmer\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LManager] C:\Programmer\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [AVP] "C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmer\Fælles filer\Nero\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Programmer\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Tilføj til Kaspersky Anti-Banner - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1180796623796O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1185146921109O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmer\Fælles filer\Nero\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Programmer\WinPcap\rpcapd.exe
--
End of file - 8278 bytes
og så den sidste
ComboFix 07-11-08.1 - Kurt Rasmussen 2007-11-16 19:09:14.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1030.18.564 [GMT 1:00]
Running from: C:\Gem\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2007-10-16 to 2007-11-16 )))))))))))))))))))))))))))))))
.
2007-11-19 16:48 401,720 --a------ C:\Programmer\HJTrenamed.exe
2007-11-19 16:44 <DIR> d-------- C:\Documents and Settings\Kurt Rasmussen\Application Data\SUPERAntiSpyware.com
2007-11-19 16:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-11-19 12:31 <DIR> d-------- C:\Programmer\FLV Player
2007-11-19 11:32 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-11-18 20:11 <DIR> d-------- C:\Programmer\Fælles filer\SWF Studio
2007-11-18 10:41 <DIR> dr------- C:\Documents and Settings\LocalService\Foretrukne
2007-11-18 00:54 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-11-08 22:57 1,700,352 --a------ C:\WINDOWS\system32\GdiPlus.dll
2007-11-08 22:57 638,976 --a------ C:\WINDOWS\system32\divx.dll
2007-11-08 22:57 524,288 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-11-08 22:57 438,272 --a------ C:\WINDOWS\system32\vp6vfw.dll
2007-11-08 22:57 413,760 --a------ C:\WINDOWS\system32\mpg4c32.dll
2007-11-08 22:57 261,632 --a------ C:\WINDOWS\system32\mcdvd_32.dll
2007-11-08 22:57 139,264 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-11-08 22:57 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-11-06 19:59 <DIR> d-------- C:\Documents and Settings\Kurt Rasmussen\Application Data\vlc
2007-11-06 19:52 <DIR> d-------- C:\Programmer\VideoLAN
2007-11-05 05:46 <DIR> d-------- C:\WINDOWS\Freecorder Toolbar
2007-11-05 05:46 2,293,848 --a------ C:\Programmer\FLV PlayerFCSetup.exe
2007-11-05 05:45 <DIR> d-------- C:\WINDOWS\FLV Player
2007-10-29 13:06 <DIR> d-------- C:\Programmer\Nero
2007-10-29 13:06 <DIR> d-------- C:\Programmer\Fælles filer\Nero
2007-10-29 12:40 <DIR> d-------- C:\Programmer\NeroInstall.bak
2007-10-23 15:26 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2007-10-23 12:24 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-22 11:28 <DIR> d-------- C:\Programmer\Sun
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-19 16:11 8,279 ----a-w C:\Programmer\hijackthis.log
2007-11-19 15:51 20,733,472 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2007-11-19 15:44 1,065,248 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2007-11-19 11:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-11-18 21:55 280,064 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2007-11-18 21:55 103,424 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2007-11-18 12:23 --------- d-----w C:\Programmer\MSN Messenger
2007-11-18 11:13 --------- d-----w C:\Programmer\Microsoft Visual Studio 8
2007-11-18 00:58 --------- d-----w C:\Programmer\Microsoft Visual Studio 9.0
2007-11-16 18:02 --------- d-----w C:\Documents and Settings\Kurt Rasmussen\Application Data\OpenOffice.org2
2007-11-16 18:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-11-14 15:23 --------- d-----w C:\Programmer\Mozilla Sunbird
2007-11-08 22:37 --------- d-----w C:\Programmer\Windows Live Safety Center
2007-11-08 22:17 --------- d-----w C:\Programmer\Fælles filer\Tjenester
2007-11-07 15:30 --------- d-----w C:\Programmer\Mozilla Thunderbird
2007-10-29 11:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2007-10-28 11:37 --------- d-----w C:\Programmer\Logitech
2007-10-28 11:37 --------- d-----w C:\Programmer\Fælles filer\LogiShrd
2007-10-25 16:43 8,472,064 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-23 14:27 --------- d--h--w C:\Programmer\InstallShield Installation Information
2007-10-23 10:49 --------- d-----w C:\Programmer\RegSupreme Pro
2007-10-22 10:28 --------- d-----w C:\Programmer\Java
2007-10-22 10:03 --------- d-----w C:\Documents and Settings\Kurt Rasmussen\Application Data\Image Zone Express
2007-10-01 23:50 --------- d-----w C:\Documents and Settings\Kurt Rasmussen\Application Data\Nero
2007-10-01 23:39 --------- d-----w C:\Programmer\Fælles filer\Ahead
2007-10-01 22:23 --------- d-----w C:\Documents and Settings\Kurt Rasmussen\Application Data\Ahead
2007-10-01 09:05 --------- d-----w C:\Programmer\OpenOffice.org 2.3
2007-09-25 14:38 --------- d-----w C:\Documents and Settings\Kurt Rasmussen\Application Data\ZoomBrowser EX
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-08-20 10:00 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-08-20 10:00 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-08-20 10:00 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-08-20 10:00 6,058,496 ----a-w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-08-20 10:00 52,224 ----a-w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-08-20 10:00 477,696 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-08-20 10:00 459,264 ----a-w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-08-20 10:00 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
2007-08-20 10:00 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-08-20 10:00 383,488 ----a-w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-08-20 10:00 3,584,512 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-08-20 10:00 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-08-20 10:00 267,776 ----a-w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-08-20 10:00 232,960 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
2007-08-20 10:00 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-08-20 10:00 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-08-20 10:00 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-08-20 10:00 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-08-20 10:00 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-08-20 10:00 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
2007-08-20 10:00 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
2007-08-20 10:00 102,400 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
2007-08-20 10:00 1,152,000 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-08-17 10:19 63,488 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-08-17 10:19 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-08-17 10:19 13,824 ----a-w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-08-17 07:34 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" []
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-02-07 18:36]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-02-07 18:32]
"SynTPLpr"="C:\Programmer\Synaptics\SynTP\SynTPLpr.exe" [2004-10-07 22:44]
"SynTPEnh"="C:\Programmer\Synaptics\SynTP\SynTPEnh.exe" [2004-10-07 22:43]
"PCMService"="C:\Programmer\Arcade\PCMService.exe" [2005-03-09 17:59]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-27 04:00]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-27 13:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-27 13:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-27 13:00]
"ATIPTA"="C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-02-08 20:05]
"LManager"="C:\Programmer\Launch Manager\QtZgAcer.EXE" [2005-10-13 10:33]
"EPM-DM"="c:\acer\Empowering Technology\ePower\epm-dm.exe" [2005-07-15 09:53]
"Acer ePower Management"="C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe" [2005-07-15 09:53]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 15:41]
"ADMTray.exe"="C:\Acer\Empowering Technology\admtray.exe" [2005-10-24 15:45]
"AVP"="C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" [2007-03-09 19:50]
"HP Software Update"="C:\Programmer\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 22:12]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"Adobe Reader Speed Launcher"="C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 18:51]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 14:32 C:\WINDOWS\KHALMNPR.Exe]
"NeroFilterCheck"="C:\Programmer\Fælles filer\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-27 11:00]
C:\Documents and Settings\Kurt Rasmussen\Menuen Start\Programmer\Start\
OpenOffice.org 2.3.lnk - C:\Programmer\OpenOffice.org 2.3\program\quickstart.exe [2007-09-11 04:43:54]
C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
Adobe Gamma Loader.lnk - C:\Programmer\F‘lles filer\Adobe\Calibration\Adobe Gamma Loader.exe [2007-07-01 20:40:14]
HP Digital Imaging Monitor.lnk - C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 22:23:26]
Logitech SetPoint.lnk - C:\Programmer\Logitech\SetPoint\SetPoint.exe [2007-06-25 12:34:41]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
R1 OsaFsLoc;OsaFsLoc;\??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys
R1 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys
R2 EpmPsd;Acer EPM Power Scheme Driver;\??\C:\WINDOWS\system32\drivers\epm-psd.sys
R2 EpmShd;Acer EPM System Hardware Driver;\??\C:\WINDOWS\system32\drivers\epm-shd.sys
R2 int15.sys;int15.sys;\??\C:\Acer\Empowering Technology\eRecovery\int15.sys
R2 osaio;osaio;\??\C:\WINDOWS\system32\drivers\osaio.sys
R2 osanbm;osanbm;\??\C:\WINDOWS\system32\drivers\osanbm.sys
R2 SQLWriter;SQL Server VSS Writer;"C:\Programmer\Microsoft SQL Server\90\Shared\sqlwriter.exe"
R3 NdisFilt;OSA NdisFilter Protocol;C:\WINDOWS\system32\Drivers\NdisFilt.sys
S3 DKbFltr;Dritek HotKey Keyboard Filter Driver;C:\WINDOWS\system32\Drivers\DKbFltr.sys
.
Contents of the 'Scheduled Tasks' folder
"2007-11-05 04:33:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
.
**************************************************************************
catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2007-11-16 19:11:26
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-16 19:12:02
C:\ComboFix2.txt ... 2007-10-23 12:41
.
--- E O F ---
Jeg tror det var Kaspersky der blokerede for Combofix
Ny bruger
Nybegynder
Opret
Preview
