CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg
Cookie ikon
Avatar billede john5 Nybegynder
13. august 2009 - 13:38 Der er 4 kommentarer og
1 løsning

Nogle der gider tjekke mine logs?

Malwarebytes' Anti-Malware 1.40
Database version: 2615
Windows 5.1.2600 Service Pack 3

13-08-2009 12:51:13
mbam-log-2009-08-13 (12-51-13).txt

Skan type: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 249445
Tid tilbagelagt: 1 hour(s), 8 minute(s), 3 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 3

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
C:\Documents and Settings\Chris Petersen\Dokumenter\Downloads\UltraISO Premium Edition v9.3.3.2685 Retail-SHAREGO\UltraISO Premium Edition v9.3.3.2685 Retail-SHAREGO\Core\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\UltraISO Premium Edition v9.3.3.2685 Retail-SHAREGO\Core\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\UltraISO Premium Edition v9.3.3.2685 Retail-SHAREGO\UltraISO Premium Edition v9.3.3.2685 Retail-SHAREGO\Core\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.



COMBOFIX::


ComboFix 09-08-10.06 - Chris Petersen 13-08-2009 13:17.1.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1030.18.2046.1625 [GMT 2:00]
Kører fra: c:\documents and settings\Chris Petersen\Skrivebord\Virus eksperten\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\Chris Petersen\Skrivebord\Virus eksperten\CFScript.txt
AV: AVG Anti-Virus *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.

(((((((((((((((((((((((((((((  Filer skabt fra 2009-07-13 til 2009-08-13  )))))))))))))))))))))))))))))))))))
.

2009-08-13 09:40 . 2009-08-13 09:40    --------    d-----w-    c:\documents and settings\Chris Petersen\Application Data\Malwarebytes
2009-08-13 09:40 . 2009-08-03 11:36    38160    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-13 09:40 . 2009-08-13 09:40    --------    d-----w-    c:\programmer\Malwarebytes' Anti-Malware
2009-08-13 09:40 . 2009-08-13 09:40    --------    d-----w-    c:\documents and settings\All Users\Application Data\Malwarebytes
2009-08-13 09:40 . 2009-08-03 11:36    19096    ----a-w-    c:\windows\system32\drivers\mbam.sys
2009-08-13 09:36 . 2009-08-13 09:36    --------    d-----w-    c:\programmer\CCleaner
2009-08-12 16:27 . 2009-08-12 16:28    --------    d-----w-    c:\documents and settings\Chris Petersen\Lokale indstillinger\Application Data\Temp
2009-08-12 16:27 . 2009-08-12 16:28    --------    d-----w-    c:\documents and settings\Chris Petersen\Lokale indstillinger\Application Data\Google
2009-08-12 16:27 . 2009-08-12 16:27    --------    d-----w-    c:\documents and settings\Chris Petersen\Lokale indstillinger\Application Data\Deployment
2009-08-09 09:13 . 2009-08-09 09:13    154312    ----a-w-    c:\documents and settings\LocalService\Lokale indstillinger\Application Data\FontCache3.0.0.0.dat
2009-08-07 09:23 . 2008-04-13 09:47    25856    -c--a-w-    c:\windows\system32\dllcache\usbprint.sys
2009-08-07 09:23 . 2008-04-13 09:47    25856    ----a-w-    c:\windows\system32\drivers\usbprint.sys
2009-08-07 09:23 . 2008-04-13 09:45    15104    -c--a-w-    c:\windows\system32\dllcache\usbscan.sys
2009-08-07 09:23 . 2008-04-13 09:45    15104    ----a-w-    c:\windows\system32\drivers\usbscan.sys
2009-07-31 15:30 . 2009-07-31 15:30    --------    d-----w-    C:\636b56bcc64ced870c23188a
2009-07-31 15:27 . 2009-07-31 15:27    --------    d-----w-    c:\programmer\Microsoft CAPICOM 2.1.0.2
2009-07-31 11:38 . 2005-07-12 12:44    15872    ----a-w-    c:\windows\system32\InsDrvZD64.dll
2009-07-31 11:38 . 2004-10-28 17:24    36352    ----a-w-    c:\windows\system32\uninst_Zyxel.exe
2009-07-31 11:38 . 2004-03-23 14:38    28672    ----a-w-    c:\windows\system32\InsDrvZD.dll
2009-07-31 11:38 . 2004-01-14 09:30    17151    ----a-w-    c:\windows\system32\ZDPNDIS5.sys
2009-07-31 11:38 . 2004-01-14 09:25    81920    ----a-w-    c:\windows\system32\ZDPN50.dll
2009-07-31 11:38 . 2003-03-14 10:24    24576    ----a-w-    c:\windows\system32\ZyDelReg.exe
2009-07-31 11:38 . 2009-07-31 11:38    --------    d-----w-    c:\programmer\ZyXEL Communications Corporation
2009-07-31 11:38 . 2005-08-16 12:50    278016    ----a-w-    c:\windows\system32\drivers\ZD1211U.sys
2009-07-30 20:17 . 2009-07-30 20:17    --------    d-----w-    c:\documents and settings\All Users\Application Data\FLEXnet
2009-07-30 20:06 . 2009-07-30 20:06    --------    d-----w-    c:\documents and settings\All Users\Application Data\ALM
2009-07-30 19:59 . 2008-04-07 03:38    22872    ----a-r-    c:\windows\system32\AdobePDFUI.dll
2009-07-30 19:59 . 2008-04-07 03:38    45392    ----a-r-    c:\windows\system32\AdobePDF.dll
2009-07-30 19:50 . 2009-07-30 19:50    --------    d-----w-    c:\programmer\Fælles filer\Adobe AIR
2009-07-30 19:45 . 2009-07-30 19:45    --------    d-----w-    c:\programmer\Fælles filer\Macrovision Shared
2009-07-29 14:21 . 2009-07-29 14:23    --------    d-----w-    c:\programmer\Fælles filer\Autodesk Shared
2009-07-29 14:21 . 2009-08-09 08:36    --------    d-----w-    c:\documents and settings\Chris Petersen\Application Data\Autodesk
2009-07-29 14:21 . 2009-07-29 14:22    --------    d-----w-    c:\programmer\AutoCAD 2009
2009-07-29 14:21 . 2009-07-29 14:21    --------    d-----w-    c:\documents and settings\All Users\Application Data\Autodesk
2009-07-29 14:21 . 2009-07-29 14:21    --------    d-----w-    c:\documents and settings\Chris Petersen\Lokale indstillinger\Application Data\Autodesk
2009-07-29 14:17 . 2009-07-31 15:30    --------    d-----w-    c:\windows\system32\XPSViewer
2009-07-29 14:16 . 2009-07-29 14:16    --------    d-----w-    c:\programmer\Reference Assemblies
2009-07-29 14:16 . 2006-06-29 11:07    14048    ------w-    c:\windows\system32\spmsg2.dll
2009-07-29 12:13 . 2009-07-29 12:13    --------    d-----w-    c:\documents and settings\Chris Petersen\Application Data\DivX
2009-07-29 10:33 . 2009-07-03 16:59    55296    -c----w-    c:\windows\system32\dllcache\msfeedsbs.dll
2009-07-29 10:33 . 2009-07-03 16:59    594432    -c----w-    c:\windows\system32\dllcache\msfeeds.dll
2009-07-28 23:53 . 2009-07-28 23:53    --------    d-----w-    c:\programmer\Fælles filer\DivX Shared
2009-07-28 23:53 . 2009-07-28 23:54    --------    d-----w-    c:\programmer\DivX
2009-07-28 19:55 . 2008-04-15 12:00    26624    ----a-w-    c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-07-28 19:50 . 2008-04-15 12:00    221184    ----a-w-    c:\windows\system32\wmpns.dll
2009-07-28 19:50 . 2009-07-28 19:50    --------    d-----w-    c:\programmer\Windows Media Connect 2
2009-07-28 19:49 . 2009-07-28 19:50    --------    d-----w-    c:\windows\system32\drivers\UMDF
2009-07-28 19:49 . 2009-07-28 19:49    --------    d-----w-    c:\windows\system32\LogFiles
2009-07-26 19:41 . 2009-07-26 19:41    --------    d--h--w-    c:\documents and settings\All Users\Application Data\CanonBJ
2009-07-26 19:41 . 2008-04-03 03:00    198656    ----a-w-    c:\windows\system32\CNMLM7I.DLL
2009-07-26 19:41 . 2009-07-26 19:41    --------    d--h--w-    c:\windows\system32\CanonIJ Uninstaller Information
2009-07-26 19:41 . 2008-02-07 13:59    195072    ----a-w-    c:\windows\system32\CNCC450.DLL
2009-07-26 19:41 . 2008-02-07 13:59    37888    ----a-w-    c:\windows\system32\CNCI450.DLL
2009-07-26 19:41 . 2006-06-29 12:29    106496    ----a-w-    c:\windows\system32\cncisco.dll
2009-07-26 19:41 . 2005-05-30 17:46    139264    ----a-w-    c:\windows\system32\CNCL450.DLL
2009-07-26 19:41 . 2009-07-26 19:41    --------    d--h--w-    c:\programmer\CanonBJ
2009-07-20 19:34 . 2009-07-20 19:34    --------    d-----w-    c:\documents and settings\Chris Petersen\Application Data\Ubisoft
2009-07-20 19:34 . 2009-07-20 19:34    --------    d-----w-    c:\documents and settings\All Users\Application Data\Tages
2009-07-20 19:32 . 2009-07-20 19:32    281760    ----a-w-    c:\windows\system32\drivers\atksgt.sys
2009-07-20 19:32 . 2009-07-20 19:32    25888    ----a-w-    c:\windows\system32\drivers\lirsgt.sys
2009-07-20 17:36 . 2009-07-20 17:36    152576    ----a-w-    c:\documents and settings\Chris Petersen\Application Data\Sun\Java\jre1.6.0_11\lzma.dll
2009-07-20 17:34 . 2009-07-20 17:37    --------    d-----w-    c:\programmer\LimeWire
2009-07-20 10:43 . 2009-07-20 10:43    --------    d-----w-    c:\documents and settings\Chris Petersen\Application Data\LucasArts
2009-07-20 10:36 . 2009-07-20 10:38    --------    d-----w-    c:\programmer\Secret Of Monkey Island SE
2009-07-19 15:52 . 2009-07-30 21:12    --------    d-----w-    c:\programmer\Fælles filer\Adobe
2009-07-19 15:51 . 2009-07-30 19:45    --------    d-----w-    c:\documents and settings\Chris Petersen\Lokale indstillinger\Application Data\Adobe
2009-07-17 13:55 . 2009-07-17 13:55    --------    d-sh--w-    c:\documents and settings\Default User\IETldCache
2009-07-16 22:06 . 2009-07-16 22:06    --------    d-----w-    c:\windows\Logs
2009-07-16 22:06 . 2009-07-16 22:09    --------    d--h--w-    c:\windows\msdownld.tmp
2009-07-16 20:18 . 2008-11-10 09:41    32656    ----a-w-    c:\windows\system32\msonpmon.dll
2009-07-16 20:18 . 2009-07-20 11:04    --------    d-----w-    c:\programmer\Microsoft Works
2009-07-16 20:17 . 2009-07-29 14:19    --------    d-----w-    c:\programmer\MSBuild
2009-07-16 20:15 . 2009-07-16 20:17    --------    d-----w-    c:\windows\SHELLNEW
2009-07-16 20:15 . 2009-07-16 20:15    --------    d-----w-    c:\documents and settings\Chris Petersen\Lokale indstillinger\Application Data\Microsoft Help
2009-07-16 20:15 . 2009-08-12 12:50    --------    d-----w-    c:\documents and settings\All Users\Application Data\Microsoft Help
2009-07-16 20:15 . 2009-07-16 20:15    --------    d--h--r-    C:\MSOCache
2009-07-16 18:23 . 2009-07-16 18:23    --------    d-----w-    c:\programmer\UltraISO
2009-07-16 18:23 . 2009-07-16 18:23    --------    d-----w-    c:\programmer\Fælles filer\EZB Systems

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-13 08:52 . 2009-07-16 15:49    --------    d-----w-    c:\programmer\Steam
2009-08-06 12:47 . 2009-07-16 15:33    64856    ----a-w-    c:\documents and settings\Chris Petersen\Lokale indstillinger\Application Data\GDIPFONTCACHEV1.DAT
2009-08-05 09:00 . 2008-04-15 12:00    204800    ----a-w-    c:\windows\system32\mswebdvd.dll
2009-08-02 01:25 . 2009-07-16 16:01    --------    d-----w-    c:\documents and settings\Chris Petersen\Application Data\uTorrent
2009-08-01 23:58 . 2009-07-20 17:37    --------    d-----w-    c:\documents and settings\Chris Petersen\Application Data\LimeWire
2009-08-01 12:23 . 2009-07-16 15:19    11952    ----a-w-    c:\windows\system32\avgrsstx.dll
2009-08-01 12:23 . 2009-07-16 15:19    27784    ----a-w-    c:\windows\system32\drivers\avgmfx86.sys
2009-08-01 12:23 . 2009-07-16 15:19    335240    ----a-w-    c:\windows\system32\drivers\avgldx86.sys
2009-07-31 15:32 . 2008-04-15 12:00    78812    ----a-w-    c:\windows\system32\perfc006.dat
2009-07-31 15:32 . 2008-04-15 12:00    450326    ----a-w-    c:\windows\system32\perfh006.dat
2009-07-31 11:38 . 2009-07-16 15:32    --------    d--h--w-    c:\programmer\InstallShield Installation Information
2009-07-19 16:02 . 2009-07-16 15:53    --------    d-----w-    c:\documents and settings\All Users\Application Data\NOS
2009-07-19 16:02 . 2009-07-16 15:53    --------    d-----w-    c:\programmer\NOS
2009-07-17 19:03 . 2008-04-15 12:00    58880    ----a-w-    c:\windows\system32\atl.dll
2009-07-16 16:02 . 2009-07-16 16:02    --------    d-----w-    c:\programmer\uTorrent
2009-07-16 15:37 . 2009-07-16 15:37    --------    d-----w-    c:\programmer\Windows Live
2009-07-16 15:37 . 2009-07-16 15:37    --------    d-----w-    c:\programmer\Microsoft
2009-07-16 15:33 . 2009-07-16 15:33    --------    d-----w-    c:\documents and settings\All Users\Application Data\e-Safekey
2009-07-16 15:33 . 2009-07-16 15:33    --------    d-----w-    c:\programmer\Fælles filer\Windows Live
2009-07-16 15:32 . 2009-07-16 15:32    --------    d-----w-    c:\programmer\Realtek AC97
2009-07-16 15:32 . 2009-07-16 15:32    --------    d-----w-    c:\programmer\Fælles filer\InstallShield
2009-07-16 15:25 . 2009-07-16 15:19    108552    ----a-w-    c:\windows\system32\drivers\avgtdix.sys
2009-07-16 15:25 . 2009-07-16 15:19    12552    ----a-w-    c:\windows\system32\drivers\avgrkx86.sys
2009-07-16 15:19 . 2009-07-16 15:19    --------    d-----w-    c:\programmer\AVG
2009-07-16 15:19 . 2009-07-16 15:19    --------    d-----w-    c:\documents and settings\All Users\Application Data\avg8
2009-07-16 14:50 . 2009-07-16 14:50    --------    d-----w-    c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-07-16 14:45 . 2009-07-16 14:45    --------    d-----w-    c:\documents and settings\Chris Petersen\Application Data\InstallShield
2009-07-16 14:40 . 2009-07-16 14:40    --------    d-----w-    c:\programmer\microsoft frontpage
2009-07-16 14:39 . 2009-07-16 14:39    86327    ----a-w-    c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-16 14:38 . 2009-07-16 14:38    --------    d-----w-    c:\programmer\Onlinetjenester
2009-07-16 14:37 . 2009-07-16 14:37    --------    d-----w-    c:\programmer\Fælles filer\Tjenester
2009-07-16 14:36 . 2009-07-16 14:36    21644    ----a-w-    c:\windows\system32\emptyregdb.dat
2009-07-13 21:43 . 2008-04-15 12:00    286208    ----a-w-    c:\windows\system32\wmpdxm.dll
2009-07-03 16:59 . 2008-04-15 12:00    915456    ----a-w-    c:\windows\system32\wininet.dll
2009-06-16 14:39 . 2008-04-15 12:00    81920    ----a-w-    c:\windows\system32\fontsub.dll
2009-06-16 14:39 . 2008-04-15 12:00    119808    ----a-w-    c:\windows\system32\t2embed.dll
2009-06-15 10:44 . 2008-04-15 12:00    77824    ----a-w-    c:\windows\system32\telnet.exe
2009-06-15 10:44 . 2008-04-15 12:00    81920    ----a-w-    c:\windows\system32\tlntsess.exe
2009-06-10 14:15 . 2008-04-15 12:00    85504    ----a-w-    c:\windows\system32\avifil32.dll
2009-06-10 07:21 . 2009-07-16 14:35    2066432    ----a-w-    c:\windows\system32\mstscax.dll
2009-06-10 06:16 . 2008-04-15 12:00    132096    ----a-w-    c:\windows\system32\wkssvc.dll
2009-06-03 19:11 . 2008-04-15 12:00    1295360    ----a-w-    c:\windows\system32\quartz.dll
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 86016]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-01-15 1657376]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-01 12:23    11952    ----a-w-    c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^ZyXEL G-220 Utility GUI.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\ZyXEL G-220 Utility GUI.lnk
backup=c:\windows\pss\ZyXEL G-220 Utility GUI.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmer\\AVG\\AVG8\\avgam.exe"=
"c:\\Programmer\\AVG\\AVG8\\avgdiag.exe"=
"c:\\Programmer\\AVG\\AVG8\\avgdiagex.exe"=
"c:\\Programmer\\AVG\\AVG8\\avgemc.exe"=
"c:\\Programmer\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmer\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmer\\uTorrent\\uTorrent.exe"=
"c:\\Programmer\\Steam\\steamapps\\cpumpgun\\counter-strike source\\hl2.exe"=
"c:\\Programmer\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmer\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmer\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\Chris Petersen\\Skrivebord\\Left 4 Dead\\left4dead.exe"=
"c:\\Programmer\\Fælles filer\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [16-07-2009 17:19 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [16-07-2009 17:19 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [16-07-2009 17:19 108552]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [16-07-2009 17:25 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [16-07-2009 17:25 297752]
S3 ZD1211U(ZyXEL);ZyAIR G-220 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyXEL);c:\windows\system32\drivers\ZD1211U.sys [31-07-2009 13:38 278016]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Indhold af mappen 'Planlagte Opgaver'

2009-08-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1284227242-682003330-1003Core.job
- c:\documents and settings\Chris Petersen\Lokale indstillinger\Application Data\Google\Update\GoogleUpdate.exe [2009-08-12 16:27]

2009-08-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1284227242-682003330-1003UA.job
- c:\documents and settings\Chris Petersen\Lokale indstillinger\Application Data\Google\Update\GoogleUpdate.exe [2009-08-12 16:27]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/ig
IE: Append Link Target to Existing PDF - c:\programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {53BF75BA-D6CA-453D-A14B-4D7D547D1A8F} = 208.67.222.222,208.67.220.220
TCP: {9013115F-C9E5-4B50-9608-D7E2726C5D75} = 208.67.222.222,208.67.220.220
DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} - hxxps://netbank.danskebank.dk/html/activex/DB/Menu.cab
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-13 13:23
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'winlogon.exe'(480)
c:\programmer\Fælles filer\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(3936)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\progra~1\AVG\AVG8\avgam.exe
c:\programmer\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\programmer\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Gennemført tid: 2009-08-13 13:29 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2009-08-13 11:29

Pre-Kørsel: 147.791.339.520 byte ledig
Post-Kørsel: 147.776.110.592 byte ledig

236    --- E O F ---    2009-08-12 12:50



HIJACKTHIS::


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:34:20, on 13-08-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmer\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/ig
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmer\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.danskebank.dk/html/activex/DB/Menu.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1247756291328
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{53BF75BA-D6CA-453D-A14B-4D7D547D1A8F}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{9013115F-C9E5-4B50-9608-D7E2726C5D75}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{53BF75BA-D6CA-453D-A14B-4D7D547D1A8F}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{53BF75BA-D6CA-453D-A14B-4D7D547D1A8F}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmer\Fælles filer\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

--
End of file - 6958 bytes
Avatar billede f-arn Guru
13. august 2009 - 14:46 #1
D:\UltraISO Premium Edition v9.3.3.2685 Retail-SHAREGO\Core\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully. + uTorrent
Det skal gå galt.

Download Lop S&D by Eric_71 og gem det på dit Skrivebord.
http://eric.71.mespages.googlepages.com/lop.sd.en
Klik på - Download knappen til venstre

-- Kør LopSD. Tast e - for Engelsk. Tryk Enter.
Tast så 2 = (Fix + Hosts)
Tryk Enter. Så kører scanningen.
Lad programmet gennemføre en rensning.

Når scanningen er færdig, ligger der en log fil her C:lopR txt, som du godt må kopiere ind i dit næste svar.
Avatar billede john5 Nybegynder
13. august 2009 - 14:55 #2
here you go:


  --------------------\\  Lop S&D 4.2.5-0  XP/Vista

  Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
  X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3400+ )
  BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
  USER : Chris Petersen ( Administrator )
  BOOT : Normal boot
  Antivirus : AVG Anti-Virus 8.5 (Activated)
  C:\ (Local Disk) - NTFS - Total:189 Go (Free:166 Go)
  D:\ (Local Disk) - NTFS - Total:74 Go (Free:48 Go)
  E:\ (CD or DVD)
  G:\ (CD or DVD)

  "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
  Option : [2] ( 13-08-2009|14:53 )


  \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


  --------------------\\  Listing folders in APPLIC~1

  [13-08-2009|14:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{A613CA96-150A-4A1D-90CE-67F81379DF8C}
  [13-08-2009|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
  [13-08-2009|14:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
  [30-07-2009|22:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
  [30-07-2009|22:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALM
  [29-07-2009|16:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
  [16-07-2009|17:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
  [26-07-2009|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
  [13-08-2009|14:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriverScanner
  [16-07-2009|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\e-Safekey
  [30-07-2009|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
  [13-08-2009|11:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
  [31-07-2009|13:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
  [12-08-2009|14:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
  [19-07-2009|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
  [13-08-2009|14:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA Corporation
  [16-07-2009|16:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
  [20-07-2009|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tages
  [16-07-2009|16:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
  [0|fil(er)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\byte
  [21|mappe(r)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\byte ledig

  [30-07-2009|23:12] C:\DOCUME~1\CHRISP~1\APPLIC~1\Adobe
  [09-08-2009|10:36] C:\DOCUME~1\CHRISP~1\APPLIC~1\Autodesk
  [29-07-2009|14:13] C:\DOCUME~1\CHRISP~1\APPLIC~1\DivX
  [16-07-2009|16:44] C:\DOCUME~1\CHRISP~1\APPLIC~1\Identities
  [16-07-2009|16:45] C:\DOCUME~1\CHRISP~1\APPLIC~1\InstallShield
  [02-08-2009|01:58] C:\DOCUME~1\CHRISP~1\APPLIC~1\LimeWire
  [20-07-2009|12:43] C:\DOCUME~1\CHRISP~1\APPLIC~1\LucasArts
  [16-07-2009|17:54] C:\DOCUME~1\CHRISP~1\APPLIC~1\Macromedia
  [13-08-2009|11:40] C:\DOCUME~1\CHRISP~1\APPLIC~1\Malwarebytes
  [04-08-2009|11:53] C:\DOCUME~1\CHRISP~1\APPLIC~1\Microsoft
  [20-07-2009|19:37] C:\DOCUME~1\CHRISP~1\APPLIC~1\Mozilla
  [20-07-2009|19:34] C:\DOCUME~1\CHRISP~1\APPLIC~1\Sun
  [20-07-2009|21:34] C:\DOCUME~1\CHRISP~1\APPLIC~1\Ubisoft
  [13-08-2009|14:19] C:\DOCUME~1\CHRISP~1\APPLIC~1\uniblue
  [13-08-2009|14:24] C:\DOCUME~1\CHRISP~1\APPLIC~1\uTorrent
  [16-07-2009|18:00] C:\DOCUME~1\CHRISP~1\APPLIC~1\WinRAR
  [0|fil(er)] C:\DOCUME~1\CHRISP~1\APPLIC~1\byte
  [18|mappe(r)] C:\DOCUME~1\CHRISP~1\APPLIC~1\byte ledig

  [16-07-2009|16:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
  [0|fil(er)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\byte
  [3|mappe(r)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\byte ledig

  [16-07-2009|16:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
  [0|fil(er)] C:\DOCUME~1\LOCALS~1\APPLIC~1\byte
  [3|mappe(r)] C:\DOCUME~1\LOCALS~1\APPLIC~1\byte ledig

  [16-07-2009|16:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
  [0|fil(er)] C:\DOCUME~1\NETWOR~1\APPLIC~1\byte
  [3|mappe(r)] C:\DOCUME~1\NETWOR~1\APPLIC~1\byte ledig

  --------------------\\  Scheduled Tasks located in C:\WINDOWS\Tasks

  [13-08-2009 14:32][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1284227242-682003330-1003UA.job
  [12-08-2009 18:27][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1284227242-682003330-1003Core.job
  [13-08-2009 14:33][--ah-----] C:\WINDOWS\tasks\SA.DAT
  [15-04-2008 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

  --------------------\\  Listing Folders in C:\Programmer

  [30-07-2009|22:10] C:\Programmer\Adobe
  [29-07-2009|16:22] C:\Programmer\AutoCAD 2009
  [16-07-2009|17:19] C:\Programmer\AVG
  [26-07-2009|21:41] C:\Programmer\CanonBJ
  [13-08-2009|11:36] C:\Programmer\CCleaner
  [16-07-2009|16:36] C:\Programmer\ComPlus Applications
  [29-07-2009|01:54] C:\Programmer\DivX
  [13-08-2009|13:20] C:\Programmer\F‘lles filer
  [31-07-2009|13:38] C:\Programmer\InstallShield Installation Information
  [31-07-2009|17:29] C:\Programmer\Internet Explorer
  [20-07-2009|19:37] C:\Programmer\Java
  [20-07-2009|19:37] C:\Programmer\LimeWire
  [13-08-2009|11:40] C:\Programmer\Malwarebytes' Anti-Malware
  [16-07-2009|17:06] C:\Programmer\Messenger
  [16-07-2009|17:37] C:\Programmer\Microsoft
  [31-07-2009|17:27] C:\Programmer\Microsoft CAPICOM 2.1.0.2
  [16-07-2009|16:40] C:\Programmer\microsoft frontpage
  [29-07-2009|16:20] C:\Programmer\Microsoft Office
  [16-07-2009|22:17] C:\Programmer\Microsoft Visual Studio
  [20-07-2009|13:04] C:\Programmer\Microsoft Works
  [16-07-2009|16:37] C:\Programmer\Movie Maker
  [29-07-2009|16:19] C:\Programmer\MSBuild
  [16-07-2009|16:36] C:\Programmer\MSN Gaming Zone
  [16-07-2009|16:37] C:\Programmer\NetMeeting
  [19-07-2009|18:02] C:\Programmer\NOS
  [13-08-2009|14:22] C:\Programmer\NVIDIA Corporation
  [16-07-2009|16:38] C:\Programmer\Onlinetjenester
  [12-08-2009|14:49] C:\Programmer\Outlook Express
  [16-07-2009|17:32] C:\Programmer\Realtek AC97
  [29-07-2009|16:16] C:\Programmer\Reference Assemblies
  [20-07-2009|12:38] C:\Programmer\Secret Of Monkey Island SE
  [13-08-2009|13:59] C:\Programmer\Steam
  [13-08-2009|14:04] C:\Programmer\SystemRequirementsLab
  [13-08-2009|13:34] C:\Programmer\Trend Micro
  [16-07-2009|20:23] C:\Programmer\UltraISO
  [13-08-2009|14:19] C:\Programmer\Uniblue
  [16-07-2009|16:44] C:\Programmer\Uninstall Information
  [16-07-2009|18:02] C:\Programmer\uTorrent
  [16-07-2009|17:37] C:\Programmer\Windows Live
  [28-07-2009|21:50] C:\Programmer\Windows Media Connect 2
  [28-07-2009|21:52] C:\Programmer\Windows Media Player
  [16-07-2009|16:36] C:\Programmer\Windows NT
  [16-07-2009|16:38] C:\Programmer\WindowsUpdate
  [16-07-2009|17:32] C:\Programmer\WinRAR
  [16-07-2009|16:40] C:\Programmer\xerox
  [31-07-2009|13:38] C:\Programmer\ZyXEL Communications Corporation
  [0|fil(er)] C:\Programmer\byte
  [48|mappe(r)] C:\Programmer\byte ledig

  --------------------\\  Listing Folders in C:\Programmer\F‘lles filer

  [30-07-2009|23:12] C:\Programmer\F‘lles filer\Adobe
  [30-07-2009|21:50] C:\Programmer\F‘lles filer\Adobe AIR
  [29-07-2009|16:23] C:\Programmer\F‘lles filer\Autodesk Shared
  [29-07-2009|16:20] C:\Programmer\F‘lles filer\DESIGNER
  [29-07-2009|01:53] C:\Programmer\F‘lles filer\DivX Shared
  [16-07-2009|20:23] C:\Programmer\F‘lles filer\EZB Systems
  [16-07-2009|17:32] C:\Programmer\F‘lles filer\InstallShield
  [30-07-2009|21:45] C:\Programmer\F‘lles filer\Macrovision Shared
  [29-07-2009|16:20] C:\Programmer\F‘lles filer\Microsoft Shared
  [16-07-2009|16:37] C:\Programmer\F‘lles filer\MSSoap
  [16-07-2009|18:17] C:\Programmer\F‘lles filer\ODBC
  [16-07-2009|18:17] C:\Programmer\F‘lles filer\SpeechEngines
  [20-07-2009|12:51] C:\Programmer\F‘lles filer\System
  [16-07-2009|16:37] C:\Programmer\F‘lles filer\Tjenester
  [16-07-2009|17:33] C:\Programmer\F‘lles filer\Windows Live
  [0|fil(er)] C:\Programmer\F‘lles filer\byte
  [17|mappe(r)] C:\Programmer\F‘lles filer\byte ledig

  --------------------\\  Process

  ( 30 Processes )

  ... OK !

  --------------------\\  Searching with S_Lop

  No Lop folder found !

  --------------------\\  Searching for Lop Files - Folders

  No Lop folder found !

  --------------------\\  Searching within the Registry

  ..... OK !

  --------------------\\  Checking the Hosts file

  Hosts file CLEAN


  --------------------\\  Searching for hidden files with Catchme

  catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
  Rootkit scan 2009-08-13 14:54:53
  Windows 5.1.2600 Service Pack 3 NTFS
  scanning hidden processes ...
  scanning hidden files ...
  scan completed successfully
  hidden processes: 0
  hidden files: 0

  --------------------\\  Searching for other infections

  --------------------\\  Cracks & Keygens ..

  C:\DOCUME~1\CHRISP~1\Application Data\uTorrent\Divx7.1 pro+ Keygen.torrent


  [F:106][D:5]-> C:\DOCUME~1\CHRISP~1\LOKALE~1\Temp
  [F:97][D:0]-> C:\DOCUME~1\CHRISP~1\Cookies
  [F:1433][D:4]-> C:\DOCUME~1\CHRISP~1\LOKALE~1\TEMPOR~1\content.IE5

  1 - "C:\Lop SD\LopR_1.txt" - 13-08-2009|14:55 - Option : [2]

  --------------------\\  Scan completed at 14:55:19
Avatar billede f-arn Guru
13. august 2009 - 17:10 #3
Afinstaller uTorrent og LimeWire via tilføj/fjern programmer i kontrolpanel.

Slet denne: C:\DOCUME~1\CHRISP~1\Application Data\uTorrent\Divx7.1 pro+ Keygen.torrent
 manuelt (hvis den stadig er der)

Er det bare en kontrol, eller oplever du problemmer?
Avatar billede john5 Nybegynder
13. august 2009 - 17:26 #4
Bare kontrol.
Eller jeg syntes mit system var blevet ret sløvt, men det kører OK nu synes jeg.

Du kan bare lægge et svar, tak for hjælpen. :)
Avatar billede f-arn Guru
13. august 2009 - 17:46 #5
:-)
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
pop up black friday Af Malm i Virus 10 22/11/202420:49 23/11/202410:46
Findes der mon et Antivirus program, som ikke, konstant, reklamerer, for at købe ? Af Ikke-ekspert i Virus 21 22/06/202419:22 23/06/202412:54
Anbefaling af antivirusprogram med firewall Af OnePlusFan i Virus 23 07/05/202421:02 13/05/202419:48
trusler Af gerhardpet i Virus 4 26/01/202410:02 27/01/202408:32
Kan ikke fjerne virus Af mik28 i Virus 16 09/01/202416:37 10/01/202419:59
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester



Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I dag 17:06 Sort skærm Af luffe1955 i Windows
I dag 15:18 WM-bus Minomess Single Jet vandmåler Brunata/Zenner Af kulawig i Andet hardware
I dag 14:23 Navn i stifinder til ny bruger: C:\Users\defaultuser100000 Af Jørgen Kirkegaard i Windows
I dag 11:44 Sti og filnavn i sidefod Af boro23 i Word
I dag 11:02 Zyxel Multy U netværk Af jcr18 i Wifi
White papers
Flere white papers »


Premium
Teaser billede
Netcompany udsat for endnu et datalæk
Læs mere »
Leverandør til 50 danske kommuner ramt af ransomware: "Det er ikke sjovt," siger direktør Thomas à Porta
Norlys-kunder har store problemer efter sammenlægning af it-systemer: Internet, tv og telefoni crasher i lange baner
Meldes til politiet for grove GDPR-brud og elendig sikkerhed: Mere end 1.000 tidligere ansatte har haft fri adgang til centralt KMD-system
Se alle »
Computerworld
Teaser billede
Stort Microsoft-nedbrud rammer flere kunder: Problemer med Teams og mails
Læs mere »
Test: Den snusfornuftige Volkswagen ID.3 blevet til lidt af el-bisse
Kæmpe datalæk på hospital: 750.000 patienters fortrolige data lækket
Et ”mareridt for privatlivets fred”: Kontroversiel Windows-funktion er udkommet i en test-version
Se alle »
CIO
Teaser billede
Microsoft hæver priserne på M365: Sådan kommer de nye priser til at ramme
Læs mere »
Stort Microsoft-nedbrud rammer flere kunder: Problemer med Teams og mails
Leverandør til 50 danske kommuner ramt af ransomware: "Det er ikke sjovt," siger direktør Thomas à Porta
Konsulenthus vil rulle Microsoft 365 Copilot ud til 200.000 ansatte
Se alle »
Job & Karriere
Teaser billede
Microsoft klar med ny direktion for den danske forretning: Her er de nye direktører
Læs mere »
Efter skelsættende møde med sportscoach: Stor dansk it-arbejdsplads indfører fredags-fri og isbade i arbejdstiden
Linus Torvalds giver russiske Linux-udviklere sparket: Vil ikke have noget med dem at gøre
Twoday er rykket til et af de dyreste postnumre i Danmark – og det kan betale sig, siger topchef Lars Berthelsen
Se alle »
White paper
Teaser billede
SAP: Skab værdi og minimér omkostninger med effektiv dokumenthåndtering
Læs mere »
Vær proaktiv og prioritér IT-sikkerheden – før det er for sent
SMB og cybertrusler: Brug sikkerhedsressourcerne optimalt
Managed Detection & Response: Forsvar din virksomhed mod cybertrusler døgnet rundt
Se alle »

Events
Flere events »
White papers
Flere white papers »
IT-Kurser
Se alle vores it-kurser »