Rensning for virus via log
Er der nogen der har tid til at se på denne / disse logsMalwarebytes' Anti-Malware 1.40
Database version: 2551
Windows 5.1.2600 Service Pack 3 (Safe Mode)
23-08-2009 18:29:37
mbam-log-2009-08-23 (18-29-37).txt
Skan type: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 288682
Tid tilbagelagt: 2 hour(s), 55 minute(s), 40 second(s)
Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 9
Inficerede Registeringsdatabase Værdier: 3
Inficerede Registeringsdatabase Filer: 1
Inficerede Mapper: 0
Inficerede Filer: 4
Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)
Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)
Inficerede Registeringsdatabase Nøgler:
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AdobeAlerter (Trojan.Downloader) -> Quarantined and deleted successfully.
Inficerede Registeringsdatabase Værdier:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\MyID (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RList (Malware.Trace) -> Quarantined and deleted successfully.
Inficerede Registeringsdatabase Filer:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Inficerede Mapper:
(Ingen mistænkelige filer fundet)
Inficerede Filer:
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SKYNETlog.dat (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\drivers\str.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Iexplore987.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
ComboFix 09-08-22.06 - HP_Administrator 23-08-2009 20:47.2.1 - NTFSx86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.3.1252.45.1033.18.2046.1765 [GMT 2:00]
Kører fra: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Forrige Kørsel -------
.
c:\program files\WinPCap\rpcapd.exe
c:\windows\Downloaded Program Files\popcaploader.inf
c:\windows\Installer\1bee3fd.msp
c:\windows\kb913800.exe
c:\windows\system32\drivers\npf.sys
c:\windows\system32\drivers\olpht.sys
c:\windows\system32\drivers\SKYNETqdwmnkds.sys
c:\windows\system32\drivers\Sonyhcp.dll
c:\windows\system32\drivers\str.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\SKYNETewgowric.dat
c:\windows\system32\SKYNETlog.dat
c:\windows\system32\SKYNETmqrntoed.dll
c:\windows\system32\SKYNETspyrjaad.dll
c:\windows\system32\SKYNETwtujntow.dat
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
D:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Drivers/Tjenester )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
-------\Legacy_NPF
-------\Legacy_PIAWYBLEJKN
-------\Legacy_SKYNETvxdowkat
-------\Service_Boonty Games
-------\Service_npf
-------\Service_piawyblejkn
-------\Service_SKYNETvxdowkat
((((((((((((((((((((((((((((( Filer skabt fra 2009-07-23 til 2009-08-23 )))))))))))))))))))))))))))))))))))
.
2009-08-23 13:29 . 2009-08-23 13:29 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Malwarebytes
2009-08-23 13:29 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-23 13:29 . 2009-08-23 13:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-23 13:29 . 2009-08-23 13:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-08-23 13:29 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-23 13:09 . 2009-08-23 13:09 -------- d-----w- c:\program files\CCleaner
2009-08-19 14:20 . 2009-08-19 14:20 13312 --sha-w- c:\windows\system32\adsmsexty.dll
2009-08-14 14:40 . 2009-08-14 14:40 13312 --sha-w- c:\windows\system32\AddPortc.dll
2009-08-14 09:09 . 2009-08-14 09:09 152576 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2009-08-13 23:09 . 2009-08-13 23:09 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-13 23:09 . 2009-08-13 23:09 -------- d-----w- c:\program files\Reference Assemblies
2009-08-13 23:08 . 2009-08-13 23:09 -------- d-----w- C:\da766a1977f409e4db14f1
2009-08-13 23:08 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-13 23:08 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-13 23:08 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-13 23:08 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-13 23:08 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-13 23:08 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-13 23:08 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-13 23:08 . 2009-08-14 06:56 -------- d-----w- c:\windows\SxsCaPendDel
2009-08-13 15:03 . 2009-08-13 15:03 13312 --sha-w- c:\windows\system32\acctresx.dll
2009-08-13 14:53 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2009-08-05 09:01 . 2009-08-05 09:01 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll
2009-07-25 15:50 . 2009-08-19 14:20 1586 --s-a-w- c:\windows\system32\2580572604.dat
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-23 11:40 . 2008-09-04 05:40 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2009-08-23 11:23 . 2009-06-06 15:56 -------- d-----w- c:\program files\TeamViewer
2009-08-23 11:12 . 2006-10-12 21:37 -------- d-----w- c:\program files\7 Wonders
2009-08-23 11:06 . 2006-09-16 07:58 -------- d-----w- c:\program files\GrabIt
2009-08-23 11:05 . 2007-03-09 11:59 -------- d-----w- c:\program files\SlySoft
2009-08-23 10:07 . 2007-01-15 13:58 -------- d-----w- c:\program files\SPAMfighter
2009-08-22 19:35 . 2007-08-01 21:25 -------- d-----w- c:\program files\BoontyGames
2009-08-22 19:35 . 2007-04-03 11:22 -------- d-----w- c:\program files\Luxor
2009-08-22 19:34 . 2006-09-16 08:47 -------- d-----w- c:\program files\eMule
2009-08-19 19:36 . 2006-09-15 23:45 12 ----a-w- c:\windows\bthservsdp.dat
2009-08-14 07:00 . 2006-09-15 21:17 85376 ----a-w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-13 23:09 . 2007-10-18 10:40 -------- d-----w- c:\program files\MSBuild
2009-08-13 16:03 . 2007-10-18 10:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-08-05 09:01 . 2004-08-10 04:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-25 07:45 . 2009-07-24 16:05 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-07-25 07:45 . 2009-07-24 16:05 -------- d-----w- c:\program files\NOS
2009-07-22 18:45 . 2009-07-22 18:45 -------- d-----w- c:\documents and settings\All Users\Application Data\GARMIN
2009-07-22 18:38 . 2008-07-12 10:15 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\GARMIN
2009-07-22 18:21 . 2009-07-22 17:26 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Download Manager
2009-07-18 14:46 . 2007-05-07 16:14 -------- d-----w- c:\program files\DIFX
2009-07-18 14:46 . 2009-07-18 14:46 -------- d-----w- c:\program files\Garmin
2009-07-17 19:01 . 2004-08-10 04:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 2004-08-10 04:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-09 19:45 . 2009-07-09 19:45 -------- d-----w- c:\program files\iTunes
2009-07-09 19:45 . 2009-07-09 19:45 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-09 19:45 . 2009-07-09 19:45 -------- d-----w- c:\program files\iPod
2009-07-09 19:45 . 2008-07-31 14:55 -------- d-----w- c:\program files\Common Files\Apple
2009-07-09 19:44 . 2009-07-09 19:44 -------- d-----w- c:\program files\Bonjour
2009-07-09 19:44 . 2009-07-09 19:43 -------- d-----w- c:\program files\QuickTime
2009-07-09 19:40 . 2009-07-09 19:40 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-07-03 23:18 . 2009-06-06 13:49 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\dvdcss
2009-07-03 19:37 . 2009-01-20 15:31 0 ----a-w- c:\documents and settings\HP_Administrator\temp.dat
2009-07-01 20:49 . 2009-06-08 18:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2009-07-01 17:25 . 2006-01-03 01:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-07-01 17:24 . 2006-01-03 01:02 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-06-29 16:12 . 2004-08-10 04:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-06-29 16:12 . 2004-08-10 04:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-29 16:12 . 2004-08-10 04:00 17408 ------w- c:\windows\system32\corpol.dll
2009-06-25 21:07 . 2009-06-06 13:38 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\vlc
2009-06-25 08:25 . 2004-08-10 04:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:25 . 2004-08-10 04:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25 . 2004-08-10 04:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:25 . 2004-08-10 04:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:25 . 2004-08-10 04:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:25 . 2004-08-10 04:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-24 11:18 . 2004-08-10 18:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-16 14:36 . 2004-08-10 04:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2004-08-10 04:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-12 12:31 . 2004-08-10 04:00 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 12:31 . 2004-08-10 18:00 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:13 . 2004-08-10 04:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 07:19 . 2004-08-10 04:00 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 06:14 . 2004-08-10 04:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-08 21:25 . 2009-06-08 21:25 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-06-08 21:25 . 2009-06-08 21:25 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-06-08 21:25 . 2009-06-08 21:25 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-06-08 21:24 . 2009-06-08 21:25 34431608 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_dan.exe
2009-06-03 19:09 . 2004-08-10 04:00 1291264 ----a-w- c:\windows\system32\quartz.dll
2006-09-17 18:40 . 2006-09-17 18:40 251 ----a-w- c:\program files\wt3d.ini
2007-09-05 17:12 . 2007-09-05 17:12 22 --sha-w- c:\windows\SMINST\HPCD.sys
2007-03-27 12:25 . 2007-03-21 07:56 4042784 --sha-w- c:\windows\system32\drivers\fidbox.dat
2007-03-27 12:25 . 2007-03-21 07:56 89120 --sha-w- c:\windows\system32\drivers\fidbox2.dat
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-27 1211176]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-14 7323648]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"DMAScheduler"="c:\program files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe" [2005-11-01 90112]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-11-10 249856]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-08 136600]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-01-03 180269]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"MaxtorOneTouch"="c:\progra~1\Maxtor\OneTouch\Utils\OneTouch.exe" [2004-08-31 823296]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-07-27 221184]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-13 177472]
"SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe" [2009-03-12 326792]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"ftutil2"="ftutil2.dll" - c:\windows\system32\ftutil2.dll [2004-06-07 106496]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" - c:\windows\arpwrmsg.exe [2005-08-03 77312]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2005-12-14 1519616]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\
Screen Clipper and Launcher til OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2007-3-9 25214]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-9-16 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
HP Photosmart Premier Hurtig start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
Picture Package Menu.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2008-3-9 151552]
Picture Package VCD Maker.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2008-3-9 106496]
Windows-pc-s›gning.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Media Center Diagnostic Kit\\MCDiag.exe"=
"c:\\Program Files\\Media Center Diagnostic Kit\\MCEHostRemote.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 dontgo;Promise Removable Disk Control Driver;c:\windows\system32\drivers\dontgo.sys [29-06-2004 22:25 7680]
S2 AdobeAdobeAdobeAlerter;Adobe LM Service AdobeAdobeAdobeAlerter;c:\windows\TEMP\driwwbxpmp.exe service --> c:\windows\TEMP\driwwbxpmp.exe service [?]
S2 AdobeAdobeAlerter;Adobe LM Service AdobeAdobeAlerter;c:\windows\TEMP\uhfwsapudn.exe service --> c:\windows\TEMP\uhfwsapudn.exe service [?]
S2 ehMonitor;Media Center Monitor Service;c:\program files\Media Center Diagnostic Kit\Tests\Bin\ehMonitor.exe [07-09-2005 18:18 49336]
S2 NVSvcseclogon;NVIDIA Display Driver Service NVSvcseclogon;c:\windows\system32\34CoInstallerr.exe srv --> c:\windows\system32\34CoInstallerr.exe srv [?]
S2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [12-03-2009 10:44 184968]
S3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [03-01-2006 12:27 2815744]
S3 MaBtPort;MA Bluetooth VCOM Driver;c:\windows\system32\drivers\mabtport.sys [16-09-2006 12:43 120800]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [31-07-2008 16:56 32000]
S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [03-01-2006 12:26 468768]
.
Indhold af mappen 'Planlagte Opgaver'
2009-08-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-08-22 c:\windows\Tasks\WebReg Photosmart C5100 series.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2006-02-19 15:45]
.
- - - - TOMME GENVEJE FJERNET - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/
uInternet Settings,ProxyOverride = *.local
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {04E4F4AA-1DD3-4222-B0D2-487ACE6AEC49} = 62.61.130.1,62.61.131.1
TCP: {7E1F5EBE-028A-4BC2-B38B-ACEB1D8C78E6} = 62.61.130.1,61.61.131.1
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.7.1/GarminAxControl.CAB
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://danid.dk/csp/authenticode/digitalsignatur-csp.exe
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-23 21:00
Windows 5.1.2600 Service Pack 3 NTFS
scanner skjulte processer ...
scanner skjulte autostarter ...
scanner skjulte filer ...
scanning gennemført med succes
skjulte filer: 0
**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
[HKEY_USERS\S-1-5-21-2664146038-3523203330-969912828-1006\Software\Zepter Software\RegLib*2481e2f5\AnyDVD/1]
"1"=dword:46271686
"2"=dword:46f510e7
[HKEY_USERS\S-1-5-21-2664146038-3523203330-969912828-1006\Software\Zepter Software\RegLib*2481e2f5\CloneDVD2/2]
"1"=dword:46271556
"2"=dword:4a912571
.
--------------------- DLLs startet under kørende Processer ---------------------
- - - - - - - > 'explorer.exe'(1924)
c:\windows\system32\WININET.dll
.
Gennemført tid: 2009-08-23 21:07
ComboFix-quarantined-files.txt 2009-08-23 19:06
Pre-Kørsel: 235.848.536.064 bytes free
Post-Kørsel: 235.803.856.896 byte ledig
Current=1 Default=1 Failed=4 LastKnownGood=2 Sets=,1,2,3,4
281 --- E O F --- 2009-08-14 12:45
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:33:38, on 23-08-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - S-1-5-18 Startup: Screen Clipper and Launcher til OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Screen Clipper and Launcher til OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Screen Clipper and Launcher til OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Hurtig start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Windows-pc-søgning.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Opret Foretrukken på den mobile enhed... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Tilslutningshjælp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Tilslutningshjælp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.7.1/GarminAxControl.CAB
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Escape%20Rosecliff%20Island/Images/stg_drm.ocx
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://kort.viborg.dk/viewer/mgaxctrl.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1191262154500
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/install/guidedsolutions.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Amazing%20Adventures%20Special%20Edition%20Bundle/Images/armhelper.ocx
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.com/clients/uploader_v2.1.0.56.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextus.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://danid.dk/csp/authenticode/digitalsignatur-csp.exe
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://www.gamenext.dk/online2/gold_fever/goldfever.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{04E4F4AA-1DD3-4222-B0D2-487ACE6AEC49}: NameServer = 62.61.130.1,62.61.131.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E1F5EBE-028A-4BC2-B38B-ACEB1D8C78E6}: NameServer = 62.61.130.1,61.61.131.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{04E4F4AA-1DD3-4222-B0D2-487ACE6AEC49}: NameServer = 62.61.130.1,62.61.131.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{04E4F4AA-1DD3-4222-B0D2-487ACE6AEC49}: NameServer = 62.61.130.1,62.61.131.1
O17 - HKLM\System\CS4\Services\Tcpip\..\{04E4F4AA-1DD3-4222-B0D2-487ACE6AEC49}: NameServer = 62.61.130.1,62.61.131.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe LM Service AdobeAdobeAdobeAlerter (AdobeAdobeAdobeAlerter) - Unknown owner - C:\WINDOWS\TEMP\driwwbxpmp.exe (file missing)
O23 - Service: Adobe LM Service AdobeAdobeAlerter (AdobeAdobeAlerter) - Unknown owner - C:\WINDOWS\TEMP\uhfwsapudn.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\hpdj.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Display Driver Service NVSvcseclogon (NVSvcseclogon) - Unknown owner - C:\WINDOWS\system32\34CoInstallerr.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/HP_ADM~1/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
--
End of file - 14105 bytes
