hehe glemte at lægge logs med...
ComboFix:
ComboFix 08-08-09.06 - moesby 2008-08-10 16:10:59.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1030.18.346 [GMT 2:00]
Running from: e:\combofix\combofix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\system32\byXnKDUM.dll
C:\WINDOWS\system32\drivers\425d84ae.sys
C:\WINDOWS\system32\efcCuTlJ.dll
C:\WINDOWS\system32\ineunh.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\MUDKnXyb.ini
C:\WINDOWS\system32\MUDKnXyb.ini2
C:\WINDOWS\system32\oupsmvbl.dll
C:\WINDOWS\system32\winhdn32.dll
C:\WINDOWS\system32\wqnfwjap.dll
E:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_425d84ae
((((((((((((((((((((((((( Files Created from 2008-07-10 to 2008-08-10 )))))))))))))))))))))))))))))))
.
2008-08-10 11:06 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-08-07 02:16 . 2008-08-07 03:05 <DIR> d-------- C:\Programmer\Enigma Software Group
2008-08-07 00:42 . 2008-08-07 00:42 <DIR> d-------- C:\Documents and Settings\moesby\Application Data\Grisoft
2008-08-07 00:37 . 2008-08-07 00:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-08-07 00:16 . 2008-08-07 00:16 2,048 --a------ C:\WINDOWS\system32\bmjdlxml.exe
2008-08-06 23:29 . 2008-08-09 23:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\services
2008-08-06 23:20 . 2008-08-06 23:20 2,048 --a------ C:\WINDOWS\system32\olndoilf.exe
2008-08-06 01:36 . 2008-08-06 01:36 <DIR> d-------- C:\Documents and Settings\moesby\Application Data\Malwarebytes
2008-08-06 01:35 . 2008-08-06 01:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-06 01:35 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-06 01:35 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-06 00:33 . 2008-08-06 23:48 1,014,272 --a------ C:\WINDOWS\system32\dllcache\kernel32.dll
2008-08-06 00:33 . 2008-08-06 23:48 21,504 --a------ C:\WINDOWS\system32\dllcache\powrprof.dll
2008-08-06 00:28 . 2008-04-14 09:05 1,306,624 --------- C:\WINDOWS\system32\dllcache\msxml6.dll
2008-08-06 00:28 . 2008-04-14 08:42 83,456 --------- C:\WINDOWS\system32\dllcache\msxml6r.dll
2008-08-06 00:20 . 2008-04-13 09:36 144,384 --------- C:\WINDOWS\system32\drivers\hdaudbus.sys
2008-08-06 00:20 . 2008-04-13 11:40 10,240 --------- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2008-08-06 00:17 . 2006-12-28 12:01 19,569 --a------ C:\WINDOWS\
003449_.tmp
2008-08-01 18:47 . 2008-08-01 18:47 136 --a------ C:\WINDOWS\system32\srvblck.tmp
2008-08-01 18:22 . 2008-08-04 02:19 <DIR> d-------- C:\WINDOWS\system32\dtw5d
2008-08-01 18:22 . 2008-08-01 18:22 <DIR> d-------- C:\WINDOWS\system32\cks
2008-08-01 17:52 . 2004-04-20 23:28 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-08-01 17:52 . 2004-04-20 23:28 <DIR> dr------- C:\Documents and Settings\Administrator\Skrivebord
2008-08-01 17:52 . 2004-04-20 23:28 <DIR> d--h----- C:\Documents and Settings\Administrator\Skabeloner
2008-08-01 17:52 . 2004-04-20 23:28 <DIR> d--h----- C:\Documents and Settings\Administrator\Printere
2008-08-01 17:52 . 2004-04-20 23:28 <DIR> dr------- C:\Documents and Settings\Administrator\Menuen Start
2008-08-01 17:52 . 2004-04-20 23:28 <DIR> d--h----- C:\Documents and Settings\Administrator\Lokale indstillinger
2008-08-01 17:52 . 2004-04-20 23:28 <DIR> dr------- C:\Documents and Settings\Administrator\Foretrukne
2008-08-01 17:52 . 2004-04-20 23:28 <DIR> dr------- C:\Documents and Settings\Administrator\Dokumenter
2008-08-01 17:52 . 2004-04-20 23:28 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Sonic
2008-08-01 17:52 . 2004-04-20 23:28 <DIR> d--h----- C:\Documents and Settings\Administrator\Andre computere
2008-08-01 17:52 . 2008-08-01 17:52 <DIR> d-------- C:\Documents and Settings\Administrator
2008-08-01 16:34 . 2008-08-06 23:48 1,014,272 --a------ C:\WINDOWS\system32\nwklr.ini
2008-08-01 16:34 . 2008-04-14 09:05 1,006,080 --a------ C:\WINDOWS\system32\korlg.ini
2008-08-01 16:34 . 2008-08-06 23:48 846,848 --a------ C:\WINDOWS\system32\nwwlnt.ini
2008-08-01 16:34 . 2008-04-23 09:20 826,368 --a------ C:\WINDOWS\system32\worlg.ini
2008-08-01 16:34 . 2008-08-06 23:48 34,816 --a------ C:\WINDOWS\system32\ldshyr.old
2008-08-01 16:34 . 2008-08-06 23:48 21,504 --a------ C:\WINDOWS\system32\nwpp.ini
2008-08-01 16:34 . 2008-04-14 09:05 17,408 --a------ C:\WINDOWS\system32\pporlg.ini
2008-08-01 16:34 . 2008-08-01 16:34 2 --a------ C:\-667614855
2008-08-01 16:21 . 2008-07-09 05:05 129,520 --------- C:\WINDOWS\system32\pxafs.dll
2008-08-01 16:21 . 2008-07-09 05:05 9,200 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-08-01 16:21 . 2008-07-09 05:05 9,072 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-07-28 17:14 . <DIR> C:\Programmer\Fælles filer\Application
2008-07-28 17:14 . <DIR> C:\Programmer\Fælles filer\Ankiro
2008-07-19 21:15 . 2008-08-03 22:35 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-07-17 15:19 . 2008-08-10 15:16 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-07-17 15:19 . 2008-07-17 15:19 1,409 --a------ C:\WINDOWS\QTFont.for
2008-07-15 20:40 . 2008-07-15 20:40 <DIR> d-------- C:\Programmer\Sun
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-10 13:51 --------- d-----w C:\Programmer\Norton Security Scan
2008-08-10 13:10 --------- d--h--w C:\Programmer\InstallShield Installation Information
2008-08-10 13:07 --------- d-----w C:\Programmer\Google
2008-08-05 21:39 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-05 20:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-08-02 08:15 --------- d-----w C:\Programmer\Symantec
2008-08-02 08:14 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-08-02 08:14 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-08-02 08:14 10,671 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-08-02 08:04 --------- d-----w C:\Programmer\Fælles filer\Symantec Shared
2008-07-30 15:42 23,888 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys
2008-07-30 15:28 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf
2008-07-30 15:28 10,537 ----a-w C:\WINDOWS\system32\drivers\coh_mon.cat
2008-07-27 23:02 --------- d-----w C:\Programmer\Fælles filer\Adobe
2008-07-23 07:48 --------- d-----w C:\Documents and Settings\moesby\Application Data\gtk-2.0
2008-07-15 18:39 --------- d-----w C:\Programmer\Java
2008-07-09 03:05 43,872 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
2008-07-08 18:56 --------- d-----w C:\Documents and Settings\moesby\Application Data\FileZilla
2008-06-27 16:14 --------- d-----w C:\Programmer\MSXML 6.0
2008-06-26 23:13 --------- d-----w C:\Documents and Settings\moesby\Application Data\Canneverbe_Limited
2008-06-26 22:50 --------- d-----w C:\Programmer\MSBuild
2008-06-26 22:36 --------- d-----w C:\Programmer\Reference Assemblies
2008-06-20 20:47 --------- d-----w C:\Programmer\SpeedBit Video Accelerator
2008-06-20 11:51 361,600 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 11:40 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 11:08 225,856 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-18 20:39 --------- d-----w C:\Programmer\Norton AntiVirus
2008-06-18 20:33 --------- d-----w C:\Programmer\Windows Sidebar
2008-06-18 20:17 --------- d-----w C:\Documents and Settings\moesby\Application Data\Symantec
2008-06-17 22:10 --------- d-----w C:\Documents and Settings\moesby\Application Data\Canon
2008-06-17 13:47 --------- d-----w C:\Programmer\Canon
2008-06-17 13:39 --------- d-----w C:\Programmer\Fælles filer\Canon
2008-06-16 22:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\LightScribe
2008-06-16 22:41 --------- d-----w C:\Programmer\Fælles filer\LightScribe
2008-06-16 22:39 --------- d-----w C:\Documents and Settings\moesby\Application Data\Ahead
2008-06-16 22:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
2008-06-16 22:36 --------- d-----w C:\Programmer\Fælles filer\Ahead
2008-06-16 22:32 --------- d-----w C:\Programmer\Nero
2008-06-16 22:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-06-16 22:03 --------- d-----w C:\Programmer\ACW
2008-06-16 20:03 90,112 ----a-w C:\WINDOWS\DUMP6cd3.tmp
2008-06-16 19:52 90,112 ----a-w C:\WINDOWS\DUMP4a38.tmp
2008-06-16 16:49 --------- d-----w C:\Documents and Settings\moesby\Application Data\Uniblue
2008-06-14 17:35 272,256 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 12:14 31,280 ----a-w C:\WINDOWS\system32\drivers\SymIM.sys
2008-06-13 12:14 13,093 ----a-w C:\WINDOWS\system32\drivers\SymRedir.cat
2008-06-13 12:14 1,611 ----a-w C:\WINDOWS\system32\drivers\SymRedir.inf
2008-06-13 12:13 96,432 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
2008-06-13 12:13 41,008 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
2008-06-13 12:13 38,576 ----a-w C:\WINDOWS\system32\drivers\symids.sys
2008-06-13 12:13 37,424 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
2008-06-13 12:13 22,320 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
2008-06-13 12:13 184,240 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
2008-06-13 12:13 13,616 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
2008-06-12 22:18 --------- d-----w C:\Programmer\DAP
2006-02-16 18:49 774,144 ----a-w C:\Programmer\RngInterstitial.dll
2005-01-31 19:40 255 ---ha-w C:\Programmer\hpothb07.tif
2005-01-31 19:40 143 ---ha-w C:\Programmer\hpothb07.dat
2005-01-16 13:15 315 ---ha-w C:\Documents and Settings\moesby\hpothb07.dat
2004-10-05 18:56 457 ----a-w C:\Programmer\INSTALL.LOG
1999-04-30 15:00 98,304 ----a-w C:\Programmer\internet explorer\plugins\UPjpeg.dll
.
------- Sigcheck -------
2004-09-29 20:46 658432 c934c5b3b35ed9dc9283730569696a3b C:\WINDOWS\$hf_mig$\KB834707\SP2QFE\wininet.dll
2005-01-27 19:13 659456 3cc06202b9930c58a17f8aa722567c0c C:\WINDOWS\$hf_mig$\KB867282\SP2QFE\wininet.dll
2005-05-02 22:58 660480 cc87712147fc5b8eb890dec908d26812 C:\WINDOWS\$hf_mig$\KB883939\SP2QFE\wininet.dll
2005-03-10 09:48 659456 9431d4017a535efd8ddd17aad23417c4 C:\WINDOWS\$hf_mig$\KB890923\SP2QFE\wininet.dll
2005-09-03 02:08 662016 ca6c0e1ef698128dae9e2322798d08d2 C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\wininet.dll
2005-07-03 04:11 660992 87e146df1315d7e431bccd3abde6fc20 C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\wininet.dll
2005-10-21 05:39 663040 e041b0263b9011977c74db9d95bea544 C:\WINDOWS\$hf_mig$\KB905915\SP2QFE\wininet.dll
2006-03-04 06:00 665088 4ad66aba8e6fb139d469599bb3646e34 C:\WINDOWS\$hf_mig$\KB912812\SP2QFE\wininet.dll
2006-05-10 07:26 665088 2a9d7d10558b3761a0eb6b075240b64a C:\WINDOWS\$hf_mig$\KB916281\SP2QFE\wininet.dll
2006-06-23 13:26 666112 19dba255f2c6457b657407726c7c45ae C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\wininet.dll
2006-09-14 10:37 666112 420efd35f3c662f29983fc6cb42c8bef C:\WINDOWS\$hf_mig$\KB922760\SP2QFE\wininet.dll
2006-10-23 17:35 666112 77bde9d0d69641079b69cc377b114598 C:\WINDOWS\$hf_mig$\KB925454\SP2QFE\wininet.dll
2007-01-04 16:05 666624 702ce6fcf3c010ea120ac7e9b98faecf C:\WINDOWS\$hf_mig$\KB928090\SP2QFE\wininet.dll
2007-02-19 17:23 667136 ead008381cbf84f35b6defeb52348691 C:\WINDOWS\$hf_mig$\KB931768\SP2QFE\wininet.dll
2007-04-18 14:46 667136 e2239a1969ec56917ce7c943f88e48c1 C:\WINDOWS\$hf_mig$\KB933566\SP2QFE\wininet.dll
2007-06-26 16:43 667136 3e12bf374cbf64de85db67b7186936cd C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\wininet.dll
2007-08-22 14:57 667136 93a4a24f5f6f06b52cd3c273ae68810a C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\wininet.dll
2007-10-11 01:23 825344 081c26e082490ae3bc24e14dcbed2ef4 C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
2007-12-07 03:58 825344 2e10953a4a322abce58fc602d1341c11 C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
2008-03-01 14:35 827392 cd10c2876ce742d2d998cffafe976dbc C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
2008-04-23 06:21 827392 5a11ff73ab8b92316b23c96ef5ccc950 C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
2004-08-27 02:53 657920 d65b07b3a1072b7e2199a50e62472957 C:\WINDOWS\$NtUninstallKB834707$\wininet.dll
2004-02-06 18:07 590848 020f124855d9148b0a469cc4e5aadfa4 C:\WINDOWS\$NtUninstallKB834707-IE6SP1-20040929.091901$\wininet.dll
2004-09-29 20:49 658432 ebb98125fc49bbd4c22c909474114403 C:\WINDOWS\$NtUninstallKB867282$\wininet.dll
2005-03-10 10:04 658432 03aa98848e29be186f23d282b70575ac C:\WINDOWS\$NtUninstallKB883939$\wininet.dll
2005-01-27 19:14 658432 86c94b1caf5d46e08e7082ca20989322 C:\WINDOWS\$NtUninstallKB890923$\wininet.dll
2005-07-03 04:16 659968 d722d7e51dcca29ffc838daaf732eda5 C:\WINDOWS\$NtUninstallKB896688$\wininet.dll
2005-05-02 22:57 659456 f76b2fc2655901484e69752165834d04 C:\WINDOWS\$NtUninstallKB896727$\wininet.dll
2005-09-03 02:05 659968 43f7d84fa93f6999cc7223bd3a8cd1b8 C:\WINDOWS\$NtUninstallKB905915$\wininet.dll
2005-10-21 05:41 659968 a730f6d0d35b869cb2b6878082701340 C:\WINDOWS\$NtUninstallKB912812$\wininet.dll
2006-03-04 05:35 659968 a085b050f3b46fb16d4a3d708251a388 C:\WINDOWS\$NtUninstallKB916281$\wininet.dll
2006-05-10 07:25 659968 e42be334da0ed9daec90c909baf76e5c C:\WINDOWS\$NtUninstallKB918899$\wininet.dll
2006-06-23 13:12 660480 11b2370626e1d6c9c3c239ebe4af6bbc C:\WINDOWS\$NtUninstallKB922760$\wininet.dll
2006-09-14 10:39 660480 d33024d3e65f9ab8fe8b518b40d40c80 C:\WINDOWS\$NtUninstallKB925454$\wininet.dll
2006-10-23 17:19 660480 9a3bb3b523c1fb04c10e7209cea803fb C:\WINDOWS\$NtUninstallKB928090$\wininet.dll
2007-01-04 15:55 660480 2dbf645ac7b13baad4d50ab2bca192a9 C:\WINDOWS\$NtUninstallKB931768$\wininet.dll
2007-02-19 17:05 660480 5e445ba23b245c85fbea2fa7f23f3b5a C:\WINDOWS\$NtUninstallKB933566$\wininet.dll
2007-04-18 14:32 660480 29256170c87c7ba71c70a82bc40ef0c6 C:\WINDOWS\$NtUninstallKB937143$\wininet.dll
2007-06-26 16:13 660480 7f16a1e859de8bd1a402184fce3c5255 C:\WINDOWS\$NtUninstallKB939653$\wininet.dll
2007-08-22 15:14 660480 6f80927d035fc660764113555adf8a98 C:\WINDOWS\ie7\wininet.dll
2007-08-13 19:54 818688 a4a0fc92358f39538a6494c42ef99fe9 C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
2007-10-11 01:52 824832 b0cf46acedf41147ec61838ccf7b1600 C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
2007-12-07 04:13 824832 1ef69c7e7aba88d5bac2eaf4f8219412 C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
2008-03-01 14:58 826368 2226f23358b9974122ba1511c5051716 C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
2008-04-14 09:05 667648 14b6321e0c8748c02b5b38ba03fd1b99 C:\WINDOWS\ServicePackFiles\i386\wininet.dll
2007-10-11 01:52 824832 b0cf46acedf41147ec61838ccf7b1600 C:\WINDOWS\SoftwareDistribution\Download\e5d13d68e6b07daf2d1fa36239823e6c\SP2GDR\wininet.dll
2007-10-11 01:23 825344 081c26e082490ae3bc24e14dcbed2ef4 C:\WINDOWS\SoftwareDistribution\Download\e5d13d68e6b07daf2d1fa36239823e6c\SP2QFE\wininet.dll
2008-08-06 23:48 846848 def7cebe0cd173f3efe41ee0a437f9d5 C:\WINDOWS\system32\wininet.dll
2008-08-06 23:48 846848 def7cebe0cd173f3efe41ee0a437f9d5 C:\WINDOWS\system32\dllcache\wininet.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 09:05 15360]
"swg"="C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-07 23:08 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AS00_Netgear"="C:\Programmer\NETGEAR\Wireless Smart Configuration\Utility\NetgearAG.exe" [2003-05-16 13:59 389120]
"MimBoot"="C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe" [2005-05-10 16:04 11776]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"QuickTime Task"="c:\programmer\quicktime\qttask.exe" [2008-02-01 00:13 385024]
"iTunesHelper"="E:\Programmer\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]
"SecurDisc"="C:\Programmer\Nero\Nero 7\InCD\NBHGui.exe" [2007-06-25 08:47 1629480]
"InCD"="C:\Programmer\Nero\Nero 7\InCD\InCD.exe" [2007-06-25 08:47 1057064]
"osCheck"="C:\Programmer\Norton AntiVirus\osCheck.exe" [2008-02-07 00:49 718704]
"SPAMfighter Agent"="E:\Programmer\SPAMfighter\SFAgent.exe" [2008-07-14 18:38 321160]
"!AVG Anti-Spyware"="E:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"EssSpkPhone"="essspk.exe" [2001-10-19 04:49 49152 C:\WINDOWS\essspk.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 09:05 15360]
C:\Documents and Settings\moesby\Menuen Start\Programmer\Start\
Adobe Gamma.lnk - C:\Programmer\F‘lles filer\Adobe\Calibration\Adobe Gamma Loader.exe [2004-04-30 23:26:53 113664]
C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
Acrobat Assistant.lnk - E:\Programmer\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-10-24 06:37:56 217194]
Adobe Reader Hurtigstart.lnk - C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.UV12"= SCDeluxe.ax
"MSVideo8"= CoVFW.dll
"VIDC.JPEG"= jpegCode.dll
"VIDC.MJPG"= pvmjpg21.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmer\\Messenger\\msmsgs.exe"=
"E:\\Programmer\\Skype\\Phone\\Skype.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmer\\Windows Live\\Messenger\\livecall.exe"=
"E:\\Programmer\\iTunes\\iTunes.exe"=
R1 Asapi;Asapi;C:\WINDOWS\system32\drivers\Asapi.sys [2002-08-06 09:48]
R2 NMSAccessU;NMSAccessU;E:\Programmer\CDBurnerXP\NMSAccessU.exe [2008-06-15 15:34]
R2 sbbotdi;sbbotdi;C:\PROGRA~1\SPEEDB~1\sbbotdi.sys [2008-06-12 23:59]
R2 SPAMfighter Update Service;SPAMfighter Update Service;E:\Programmer\SPAMfighter\sfus.exe [2008-07-14 18:39]
R2 VideoAcceleratorService;VideoAcceleratorService;C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [2008-06-12 23:59]
R2 Viewpoint Manager Service;Viewpoint Manager Service;C:\Programmer\Viewpoint\Common\ViewpointService.exe [2007-01-04 23:38]
R3 AWINDIS5;AWINDIS5 Protocol Driver;C:\WINDOWS\system32\AWINDIS5.SYS [2002-04-11 17:43]
R3 STAC97NA;SigmaTel 3D Environmental Audio;C:\WINDOWS\system32\drivers\stac97na.sys [2002-09-20 19:42]
R3 STAC97NH;STAC97NH;C:\WINDOWS\system32\drivers\stac97nh.sys [2002-09-20 19:43]
S2 Automatisk LiveUpdate-planlægning;Automatisk LiveUpdate-planlægning;C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2008-02-09 18:06]
S2 CoachWdm;Mustek MDC 3000;C:\WINDOWS\system32\Drivers\CoachWdm.sys []
S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 17:42]
S3 DUSBTAWAN;miniVigor128 NDISWAN Driver;C:\WINDOWS\system32\DRIVERS\musbwn2k.sys [2002-02-21 12:45]
S3 FakeWDMmdm;DWDMCOMM;C:\WINDOWS\system32\DRIVERS\dusbcomm.sys [2002-02-21 12:45]
S3 mDTA128;miniVigor USB;C:\WINDOWS\system32\DRIVERS\musbta2k.sys [2002-02-21 12:45]
S3 NETGEAR_WG311_SERVICE;NETGEAR WG311 Wireless PCI Adapter Service;C:\WINDOWS\system32\DRIVERS\wg311nd5.sys [2003-03-17 20:27]
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2007-01-25 19:31]
S3 SCDELUXES;SiPix StyleCam Deluxe (still);C:\WINDOWS\system32\DRIVERS\se402sc.sys []
S3 SCDELUXEV;SiPix StyleCam Deluxe (video);C:\WINDOWS\system32\DRIVERS\se402vc.sys []
Start Pending2 LiveUpdate Notice;LiveUpdate Notice;C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Programmer\Fælles filer\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - C:\Programmer\Fælles filer\Ahead\Lib\NMBgMonitor.exe
HKCU-Run-Sonic RecordNow! - (no file)
HKLM-Run-SiS KHooker - C:\WINDOWS\System32\khooker.exe
HKLM-Run-UpdateManager - c:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe
HKLM-Run-TkBellExe - C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
HKLM-Run-NeroFilterCheck - C:\Programmer\Fælles filer\Ahead\Lib\NeroCheck.exe
HKLM-Run-ccApp - C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
HKLM-Run-mswspl - (no file)
Notify-winhdn32 - winhdn32.dll
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\moesby\Application Data\Mozilla\Firefox\Profiles\g9n7xn75.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE -
hxxp://www.vesterskovmark.dk/**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-08-10 16:29:29
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\tsd32.dll
.
------------------------ Other Running Processes ------------------------
.
E:\EASYPH~1\apache\apache.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\EASYPH~1\apache\apache.exe
E:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programmer\Nero\Nero 7\InCD\InCDsrv.exe
C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
E:\EASYPH~1\mysql\bin\mysqld.exe
C:\Programmer\Canon\CAL\CALMAIN.exe
C:\Programmer\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
C:\Programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe
C:\Programmer\Musicmatch\Musicmatch Jukebox\mim.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programmer\Fælles filer\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmer\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2008-08-10 16:44:07 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-10 14:43:50
Pre-Run: 3,046,825,984 byte ledig
Post-Run: 5,066,690,560 byte ledig
320 --- E O F --- 2008-07-14 15:50:47
------------------------------------------------------
HJT:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:26:57, on 10-08-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
e:\hjt\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.vesterskovmark.dk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak =
http://www.vesterskovmark.dk/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CBTB00001 Class - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - E:\PROGRA~1\Skype\toolbars\SKYPEF~1\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Programmer\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Programmer\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Adobe PDF Reader Link Helper - {B782EDE4-CCB3-4E3E-981F-96C68116F38C} - C:\WINDOWS\system32\AcroIEHelpe.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Programmer\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Skype™ For Internet Explorer - {B13721C7-F507-4982-B2E5-502A71474FED} - E:\Programmer\Skype\toolbars\Skype for Internet Explorer\toolbar.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Programmer\Fælles filer\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [AS00_Netgear] C:\Programmer\NETGEAR\Wireless Smart Configuration\Utility\NetgearAG.exe -hide
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "c:\programmer\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SecurDisc] C:\Programmer\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Programmer\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [osCheck] "C:\Programmer\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "E:\Programmer\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "e:\programmer\grisoft\avg anti-spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = ?
O4 - Global Startup: Acrobat Assistant.lnk = E:\Programmer\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Clean Traces - C:\Programmer\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Programmer\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Programmer\DAP\dapextie2.htm
O8 - Extra context menu item: E&ksporter til Microsoft Excel -
res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: Overfør med Star Downloader - E:\Programmer\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - E:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - E:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Programmer\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .UVR: C:\Programmer\Internet Explorer\Plugins\NPUPano.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.get2net.dk/
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) -
http://netsupport2.tdconline.dk/sdccommon/download/tgctlar.cabO16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) -
https://www.portalbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.20.cabO16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cabO16 - DPF: {3a4f9191-65a8-11d5-85c1-0001023952c1} (TE) -
http://130.228.229.80/homeskyline/TEInstall/TE.cabO16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) -
http://netbank.bgbank.dk/html/activex/BG/Menu.cabO16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) -
https://webdl.symantec.com/activex/symdlmgr.cabO16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) -
http://www.shockwave.com/content/luxor/mjolauncher.cabO16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} (NCSView Class) -
http://www.kortal.dk/ecwplugins/ncs.cabO16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://www.webcam2.dk/activex/AxisCamControl.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cabO16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) -
https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exeO16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) -
http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocxO16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) -
https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cabO16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) -
http://www.gangartscupv2.dana10.dk/opdater/pages/images/XUpload.ocxO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache - Unknown owner - E:\EASYPH~1\Apache\apache.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programmer\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Automatisk LiveUpdate-planlægning - Symantec Corporation - C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard (avg anti-spyware guard) - GRISOFT s.r.o. - E:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programmer\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Programmer\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
O23 - Service: MySql - Unknown owner - E:\EASYPH~1\MySql\bin\mysqld.exe
O23 - Service: NBService - Nero AG - C:\Programmer\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Programmer\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programmer\WinPcap\rpcapd.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - E:\Programmer\SPAMfighter\sfus.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FLLESF~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Programmer\Viewpoint\Common\ViewpointService.exe
--
End of file - 11325 bytes