CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg
Cookie ikon
Avatar billede thomas69 Nybegynder
25. september 2009 - 21:52 Der er 28 kommentarer og
1 løsning

Genstridig adware/wirus

Hejsa

Lang tid siden :)
Og som altid er der hjælp og hente herinde når pcén driller.

Min pcér er begyndt og kører langsomt, mapper programmer er lang tid om og åbne.

Det startede med, at jeg fik hente et program, og åbenbart et "skummelt" sted :(
Mit virus program (AVG) poppede op med at der var fundet noget, og ja tak til delete osv, men den var ligeglad..

Lige nu er imens jeg skriver dette popper denne op; 19.tmp har fundet en fejl og afsluttes. Vi beklager ulejligheden.

Og den der nr.19 har også tidligere heddet en masse andre nummer :)
Har prøvet i msconfig ikke og få den til og starte op, men igen den bliver ved.

Har prøvet og kører,
- SAS  <---- Finder en masse men kan ikke slette alle
- CCleaner <---- Det samme
- Registry Booster 2009(lige købt licens) <--- Og det samme resultat :(

Håber der er en hjælpsom sjæl :)

Jeg vedhæfter min sidste HJT log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:39:02, on 25-09-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\installeret programmer\steam\steam.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\19.tmp
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Thomas m\Dokumenter\Hentede filer\Prøve\ALTERNATIV.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG8\avgssie.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [15752] C:\WINDOWS\system32\19.tmp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\installeret programmer\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\INSTAL~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\INSTAL~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\INSTAL~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programmer\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programmer\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15107/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D5811EE-D82E-4A93-8352-F3843BEECA99}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{667FD995-CA88-4466-9B19-7B9F5783D96A}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Installeret Programmer\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Programmer\Fælles filer\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Programmer\Creative\Shared Files\CTAudSvc.exe
O23 - Service: COM-tjenesten IMAPI cd-skrivning (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programmer\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NBService - Nero AG - C:\Programmer\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 6746 bytes

MVH Thomas
Avatar billede Computer Hjælp (Gratis) Mester
25. september 2009 - 21:58 #1
Hent og instalér CCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/manual-for-installation-og-brug-af-ccleaner/
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller *NEJ* til den.
http://vistaguide.dk/?Artikler/CCleaner-GuideTilOptimeringAfVista/763
Lad programmet foretage en oprydning...

--------

Hent Malwarebytes Anti-Malware herfra:
http://www.besttechie.net/tools/mbam-setup.exe
Eller herfra ->
http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

Installer programmet - når det er gjort skal du lade programmet opdatere sig. Herefter åbner et vindue, hvor du skal flytte prikken til "Kør et fuldstændigt systemscan" - klik på Skan Knappen - lad programmet arbejde. Når det er færdig (det tager lidt tid afhængig af hvor meget du har på computeren).
Derefter - Tryk på "Vis resultater" knappen efter scanningen - og herefter tryk på "Fjern det valgte" - nu åbnes log'en og du skal gemme den et sted, hvor du kan finde den igen.
Kopier indholdet herind sammen med en frisk log fra HiJackThis...

...og her er omtalte HiJackThis ->
http://www.spywareinfo.dk/index.htm#/manualer/hijackthis.htm

Bemærk at HiJackThis.exe programmet skal gemmes i en dertil oprettet mappe og IKKE køres direkte fra nettet...

PS: Brug denne version af HJT -> http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe
Avatar billede thomas69 Nybegynder
25. september 2009 - 22:41 #2
Har prøvet dog minus "Malware Anti" da det ikke ville starte op.

Men prøver self. igen, men alle disse programmer hentet fra disse links.

Logfiler kommer på senere iaften, lige så snart jeg har fået dem kørt :)
Så tak for hjælpen endtil videre.
Avatar billede Computer Hjælp (Gratis) Mester
25. september 2009 - 22:50 #3
PS: Jeg ka' godt se 'snavset' samt en masse andet relevant 'oprydning'.
Nævnte [MalwareBytes] bør/plejer at kunne nappe det.
Alternativ kan du bruge denne procedure ->

-- Hent Combofix fra et af disse links, og gem den på dit skrivebord:
NB NB: Gem den med et helt andet navn end Combofix.exe

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe

-- Kør så combofix.exe (eller det som du nu har kaldt den!), som du hentede tidligere, og følg anvisningerne.
Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når combofix er færdig, og efter det har genstartet, skulle der gerne åbnes en logfil: combofix.txt
Indholdet af denne fil må du gerne lægge herind.
Avatar billede thomas69 Nybegynder
25. september 2009 - 23:25 #4
Ok, cool... Jeg har ikke kunne DL malware på nogen af de links, om det er pga. virus eller hvad ved jeg ikke.

Men jeg fik det hentet på min bærbar og overført hertil.

Den er nu igang med at scanne.
Og har lige kørt CC, fandt 17 filer som er væk.

Skal nok vende tilbage igen med logfiler når jeg også har kørt "combo"
Avatar billede thomas69 Nybegynder
25. september 2009 - 23:47 #5
Malware kører endnu, har fundet 22 objekter endtil videre..:)
Avatar billede thomas69 Nybegynder
26. september 2009 - 00:38 #6
Sådan, langt om længe :)

Men desværre, igen poppede den der op; "19.tmp har fundet en fejl og afsluttes. Vi beklager ulejligheden."

Plus jeg igen har fået 3 stk "porno ikoner" på skrivebordet :(

Malware fandt 434 filer
CC fandt 17 filer
Og begge log filer kommer her.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:32:15, on 26-09-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\installeret programmer\steam\steam.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmer\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\TEMP\VRT3.tmp
C:\WINDOWS\TEMP\VRT4.tmp
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\sofatnet.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\lsm32.sys
C:\Documents and Settings\Thomas m\Dokumenter\Hentede filer\Ny\ny2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG8\avgssie.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [30052] C:\WINDOWS\system32\9.tmp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\installeret programmer\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\INSTAL~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\INSTAL~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\INSTAL~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programmer\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programmer\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15107/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D5811EE-D82E-4A93-8352-F3843BEECA99}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{667FD995-CA88-4466-9B19-7B9F5783D96A}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Installeret Programmer\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Programmer\Fælles filer\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Programmer\Creative\Shared Files\CTAudSvc.exe
O23 - Service: COM-tjenesten IMAPI cd-skrivning (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programmer\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NBService - Nero AG - C:\Programmer\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: sofatnet  Service (sofatnet) - Sigma Designs In - C:\WINDOWS\system32\sofatnet.exe

--
End of file - 6923 bytes


Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

26-09-2009 00:20:28
mbam-log-2009-09-26 (00-20-28).txt

Skan type: Fuldstændig skanning (C:\|)
Objekter skannet: 187405
Tid tilbagelagt: 1 hour(s), 24 minute(s), 2 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 1
Inficerede Registeringsdatabase Nøgler: 11
Inficerede Registeringsdatabase Værdier: 11
Inficerede Registeringsdatabase Filer: 2
Inficerede Mapper: 9
Inficerede Filer: 400

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
c:\WINDOWS\system32\BtwSrv.dll (Trojan.Agent) -> Delete on reboot.

Inficerede Registeringsdatabase Nøgler:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\btwsrv (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\btwsrv (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\btwsrv (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{67450775-3b18-49b1-aa83-0e010f07f4df} (Trojan.Dropper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{69b3ebfa-0015-4914-9312-e7758eacfac1} (Trojan.Dropper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{30de9920-2e84-40a2-88a5-b8d256e15101} (Trojan.Dropper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Protection System (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\sofatnet (Backdoor.Bot) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Værdier:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Programmer\Fælles filer\ACD Systems\Filters\EITCC_LinearBlur.dll (Trojan.Dropper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\BuildW (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\FirstInstallFlag (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\guid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\i (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\mso (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\udso (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\uid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Ulrn (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Update (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\UpdateNew (Malware.Trace) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Filer:
HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Inficerede Mapper:
C:\Documents and Settings\Thomas m\Application Data\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\Logs (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390 (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-26 21-32-340 (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-26 21-32-340 (Rogue.RegTool) -> Files: 446 -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330 (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-30-180 (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\Results (Rogue.RegTool) -> Quarantined and deleted successfully.

Inficerede Filer:
c:\WINDOWS\system32\BtwSrv.dll (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\LocalService\Lokale indstillinger\Temporary Internet Files\Content.IE5\4DCLVT3B\w[1].bin (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Lokale indstillinger\Temporary Internet Files\Content.IE5\4DCLVT3B\w[2].bin (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Lokale indstillinger\Temporary Internet Files\Content.IE5\SFA2CIWI\w1[1].bin (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Lokale indstillinger\Temporary Internet Files\Content.IE5\VRXZNBPO\w[1].bin (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Lokale indstillinger\Temporary Internet Files\Content.IE5\VRXZNBPO\w[2].bin (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Lokale indstillinger\Temporary Internet Files\Content.IE5\VS26SYSA\w[1].bin (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programmer\Fælles filer\ACD Systems\Filters\EITCC_LinearBlur.dll (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{48F63EC5-53C6-4A74-9714-D78A8BB8740A}\RP309\A0043690.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{48F63EC5-53C6-4A74-9714-D78A8BB8740A}\RP310\A0043698.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{48F63EC5-53C6-4A74-9714-D78A8BB8740A}\RP311\A0043724.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{48F63EC5-53C6-4A74-9714-D78A8BB8740A}\RP312\A0043971.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\VRT124.tmp (Malware.Tool) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\ZJTGRCUNYNBQ9.SYS.del (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\ZUKFUAWHSXH7.SYS.del (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\resultsw.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\spy_ignore.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\Logs\2009-03-26 23-57-080.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\Logs\2009-05-26 21-28-110.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\Logs\2009-05-28 12-00-010.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\Logs\2009-05-28 12-00-011.log (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\filelist.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-0.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-1.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-10.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-100.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-101.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-102.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-103.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-104.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-105.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-106.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-107.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-108.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-109.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-11.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-110.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-111.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-112.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-113.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-114.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-115.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-116.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-117.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-118.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-119.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-12.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-120.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-121.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-122.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-123.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-124.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-125.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-126.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-127.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-128.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-129.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-13.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-130.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-131.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-132.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-133.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-134.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-135.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-136.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-137.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-138.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-139.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-14.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-140.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-141.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-142.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-143.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-144.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-145.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-146.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-147.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-148.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-149.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-15.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-150.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-151.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-152.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-153.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-154.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-155.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-156.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-157.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-158.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-159.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-16.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-160.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-161.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-162.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-163.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-164.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-165.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-166.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-167.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-168.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-17.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-18.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-19.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-2.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-20.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-21.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-22.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-23.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-24.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-25.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-26.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-27.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-28.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-29.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-3.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-30.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-31.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-32.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-33.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-34.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-35.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-36.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-37.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-38.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-39.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-4.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-40.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-41.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-42.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-43.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-44.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-45.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-46.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-47.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-48.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-49.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-5.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-50.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-51.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-52.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-53.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-54.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-55.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-56.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-57.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-58.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-59.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-6.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-60.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-61.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-62.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-63.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-64.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-65.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-66.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-67.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-68.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-69.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-7.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-70.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-71.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-72.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-73.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-74.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-75.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-76.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-77.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-78.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-79.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-8.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-80.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-81.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-82.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-83.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-84.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-85.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-86.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-87.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-88.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-89.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-9.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-90.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-91.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-92.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-93.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-94.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-95.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-96.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-97.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-98.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-03-26 23-58-390\regb-99.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\filelist.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-0.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-1.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-10.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-100.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-101.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-102.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-103.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-104.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-105.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-106.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-107.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-108.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-109.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-11.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-110.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-111.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-112.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-113.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-114.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-115.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-116.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-117.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-118.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-119.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-12.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-120.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-121.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-122.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-123.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-124.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-125.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-126.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-127.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-128.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-129.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-13.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-130.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-131.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-132.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-133.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-134.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-135.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-136.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-137.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-138.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-139.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-14.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-140.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-141.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-142.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-143.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-144.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-145.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-146.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-147.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-148.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-149.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-15.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-150.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-151.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-152.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-153.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-154.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-155.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-156.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-157.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-158.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-159.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-16.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-160.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-161.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-162.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-163.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-164.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-165.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-166.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-167.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-168.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-169.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-17.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-170.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-171.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-172.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-173.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-174.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-175.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-176.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-177.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-178.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-179.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-18.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-180.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-181.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-182.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-183.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-184.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-185.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-186.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-187.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-19.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-2.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-20.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-21.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-22.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-23.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-24.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-25.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-26.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-27.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-28.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-29.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-3.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-30.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-31.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-32.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-33.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-34.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-35.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-36.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-37.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-38.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-39.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-4.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-40.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-41.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-42.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-43.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-44.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-45.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-46.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-47.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-48.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-49.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-5.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-50.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-51.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-52.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-53.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-54.db (Rogue.RegTool) -> Quarantined and deleted succ
Avatar billede thomas69 Nybegynder
26. september 2009 - 00:42 #7
Ok DAMN jeg håber ikke det er "Virut" = Format C :(

Men hvordan er det lige med alle mine mails, pyt med adr,. vil bare have alle mine mails??
Avatar billede thomas69 Nybegynder
26. september 2009 - 00:45 #8
Hmmmm manglede lige det sidste fra den log..

C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-55.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-56.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-57.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-58.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-59.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-6.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-60.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-61.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-62.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-63.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-64.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-65.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-66.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-67.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-68.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-69.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-7.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-70.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-71.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-72.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-73.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-74.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-75.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-76.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-77.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-78.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-79.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-8.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-80.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-81.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-82.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-83.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-84.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-85.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-86.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-87.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-88.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-89.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-9.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-90.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-91.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-92.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-93.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-94.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-95.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-96.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-97.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-98.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-28-330\regb-99.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\QuarantineW\2009-05-28 12-30-180\filelist.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\Results\Evidence.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\Results\Junk.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\Results\Registry.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\Application Data\RegTool\Results\Update.db (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\4.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\6.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\7.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\8.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\9.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\C.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\F.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\FInstall.sys (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sofatnet.exe (Backdoor.Bot) -> Delete on reboot.
C:\WINDOWS\system32\wiwow64.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thomas m\reader_s.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\sc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\RegTool Scan.job (Rogue.RegTool) -> Quarantined and deleted successfully.
Avatar billede thomas69 Nybegynder
26. september 2009 - 01:26 #9
Tjekkede lidt op på spywarefri, hentede DDS scr og har 2 logfiler.


DDS (Ver_09-06-26.01) - NTFSx86 
Run by Thomas m at  1:19:35,60 on 26-09-2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1030.18.3070.2370 [GMT 2:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)  {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning disabled* (Updated)  {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Programmer\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\installeret programmer\steam\steam.exe
svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmer\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\TEMP\VRT3.tmp
C:\WINDOWS\TEMP\VRT4.tmp
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
svchost.exe C:\WINDOWS\TEMP\VRT6.tmp
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\sofatnet.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\lsm32.sys
C:\Documents and Settings\Thomas m\Dokumenter\Hentede filer\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.dk/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmer\fælles filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\programmer\avg\avg8\avgssie.dll
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programmer\fælles filer\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmer\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmer\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Steam] "c:\installeret programmer\steam\steam.exe" -silent
mRun: [30052] c:\windows\system32\9.tmp.exe
uPolicies-explorer: NoThumbnailCache = 1 (0x1)
mPolicies-system: DisableCAD = 1 (0x1)
IE: E&ksporter til Microsoft Excel - c:\instal~1\office10\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\instal~1\micros~1\office11\EXCEL.EXE/3000
IE: {59A861EE-32B3-42cd-8CCA-FC130EDF3A44}
IE: {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - c:\programmer\partygaming\partycasino\RunApp.exe
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\programmer\partygaming\partypoker\RunApp.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\instal~1\micros~1\office11\REFIEBAR.DLL
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15107/CTPID.cab
TCP: {0D5811EE-D82E-4A93-8352-F3843BEECA99} = 208.67.222.222,208.67.220.220
TCP: {667FD995-CA88-4466-9B19-7B9F5783D96A} = 208.67.222.222,208.67.220.220
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\programmer\avg\avg8\avgpp.dll
Notify: !SASWinLogon - c:\installeret programmer\superantispyware\SASWINLO.DLL
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\installeret programmer\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\thomas~1\applic~1\mozilla\firefox\profiles\965oksuk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.dk/
FF - plugin: c:\documents and settings\thomas m\application data\mozilla\firefox\profiles\965oksuk.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp071301000019.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\programmer\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\programmer\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\programmer\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\programmer\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\programmer\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\programmer\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\programmer\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\programmer\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\programmer\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota",      5120);
c:\programmer\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\programmer\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\programmer\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\programmer\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\programmer\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\programmer\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\programmer\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\programmer\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\programmer\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\programmer\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\programmer\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history",    true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata",    true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords",  false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads",  true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies",    true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache",      true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions",    true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history",                true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata",                true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords",              false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads",              true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies",                true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache",                  true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions",                true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps",            false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings",            false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs",    false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-5-26 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-3-21 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-3-21 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-3-21 108552]
R1 SASDIFSV;SASDIFSV;c:\installeret programmer\superantispyware\SASDIFSV.SYS [2006-2-16 9968]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-3-21 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-3-21 297752]
R2 BtwSrv;BtwSrv;c:\windows\system32\svchost.exe -k netsvcs [2002-9-16 14336]
R2 sofatnet;sofatnet  Service;c:\windows\system32\sofatnet.exe [2002-9-16 94208]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2008-10-8 171032]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2008-10-8 1324056]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2008-10-8 72728]
R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2009-3-24 22784]
S1 SASKUTIL;SASKUTIL; [x]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\programmer\fælles filer\creative labs shared\service\CTAELicensing.exe [2009-3-24 99840]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2008-10-8 171032]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2008-10-8 1324056]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2008-10-8 72728]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmer\lavasoft\ad-aware\AAWService.exe [2009-1-18 1029456]
S3 Partizan;Partizan;c:\windows\system32\drivers\Partizan.sys [2009-9-25 34760]
S3 RegGuard;RegGuard;c:\windows\system32\drivers\regguard.sys [2009-9-25 24416]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2009-6-15 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2009-6-15 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2009-6-15 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2009-6-15 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2009-6-15 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2009-6-15 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2009-6-15 109736]
S3 SASENUM;SASENUM; [x]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]

============== File Associations ===============

JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1

=============== Created Last 30 ================

2009-09-26 00:25    38,912    a-------    c:\windows\system32\reader_s.exe
2009-09-26 00:25    38,912    a-------    c:\documents and settings\thomas m\reader_s.exe
2009-09-26 00:25    19,456    a-------    c:\windows\system32\9.tmp
2009-09-26 00:25    92    a-------    c:\windows\system32\7.tmp
2009-09-26 00:25    237,568    a-------    C:\6397,298.exe
2009-09-26 00:25    724    a-------    C:\5658,533.exe
2009-09-26 00:24    0    a-------    c:\windows\sc.exe
2009-09-26 00:24    <DIR>    --d-----    c:\programmer\Protection System
2009-09-25 22:51    38,224    a-------    c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-25 22:51    19,160    a-------    c:\windows\system32\drivers\mbam.sys
2009-09-25 22:51    <DIR>    --d-----    c:\programmer\Malwarebytes' Anti-Malware
2009-09-25 22:47    <DIR>    --d-----    c:\programmer\CCleaner
2009-09-25 21:16    92    a-------    c:\windows\system32\16.tmp
2009-09-25 21:11    92    a-------    c:\windows\system32\14.tmp
2009-09-25 20:26    92    a-------    c:\windows\system32\13.tmp
2009-09-25 20:07    62,975    a-------    c:\windows\system32\12.tmp
2009-09-25 20:07    1    a-------    c:\windows\system32\11.tmp
2009-09-25 19:24    34,760    a-------    c:\windows\system32\drivers\Partizan.sys
2009-09-25 19:22    35,040    a-------    c:\windows\system32\Partizan.exe
2009-09-25 19:22    24,416    a-------    c:\windows\system32\drivers\regguard.sys
2009-09-25 19:17    2    a--shrot    c:\windows\winstart.bat
2009-09-25 19:16    <DIR>    --d-----    c:\programmer\Greatis
2009-09-25 18:39    <DIR>    --d-----    c:\programmer\Uniblue
2009-09-25 18:37    40,192    a-------    c:\windows\system32\drivers\zpcwogccdf7.sys
2009-09-25 18:03    40,192    a-------    c:\windows\system32\drivers\zwyigosvve5.sys
2009-09-25 18:01    70,656    a-------    c:\windows\system32\drivers\gasfkydpalnbmu.sys
2009-09-25 17:30    182,656    ac------    c:\windows\system32\dllcache\ndis.sys
2009-09-25 17:29    40,192    a-------    c:\windows\system32\drivers\zauyqlvnyvh3.sys
2009-09-25 17:15    40,192    a-------    c:\windows\system32\drivers\ZYVTROEGUHHE1.SYS.del
2009-09-25 16:55    1,990    a-------    c:\windows\system32\12D.tmp
2009-09-25 16:54    136    a-------    c:\windows\system32\129.tmp
2009-09-25 16:54    130,560    a-------    c:\windows\SC.INS
2009-09-25 16:54    361,600    a-------    c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL
2009-09-25 16:43    225,280    a-------    c:\windows\system32\rewire.dll
2009-09-25 16:43    1,294,336    a-------    c:\windows\system32\vorbis.acm
2009-09-21 23:45    <DIR>    --d-----    c:\programmer\EA Sports
2009-09-17 01:15    1,908    a-------    c:\windows\diagwrn.xml
2009-09-17 01:15    1,908    a-------    c:\windows\diagerr.xml
2009-09-09 09:06    153,088    -c------    c:\windows\system32\dllcache\triedit.dll
2009-09-07 15:16    <DIR>    --d-----    c:\docume~1\thomas~1\applic~1\Office Genuine Advantage
2009-09-03 20:07    41,872    a-------    c:\windows\system32\xfcodec.dll
2009-08-31 21:01    <DIR>    --d-----    c:\programmer\Microsoft
2009-08-31 21:01    <DIR>    --d-----    c:\programmer\Windows Live SkyDrive
2009-08-31 20:59    <DIR>    --d-----    c:\programmer\fælles filer\Windows Live
2009-08-28 17:07    <DIR>    --d-----    c:\programmer\Nero
2009-08-28 17:07    <DIR>    --d-----    c:\programmer\fælles filer\Ahead

==================== Find3M  ====================

2009-09-25 17:30    182,656    a-------    c:\windows\system32\drivers\ndis.sys
2009-09-25 16:54    361,600    a-------    c:\windows\system32\drivers\TCPIP.SYS
2009-09-21 23:57    107,888    a-------    c:\windows\system32\CmdLineExt.dll
2009-09-11 22:43    139,584    a-------    c:\windows\system32\drivers\PnkBstrK.sys
2009-09-11 22:43    189,104    a-------    c:\windows\system32\PnkBstrB.exe
2009-08-16 10:10    335,240    a-------    c:\windows\system32\drivers\avgldx86.sys
2009-08-16 10:10    11,952    a-------    c:\windows\system32\avgrsstx.dll
2009-08-05 13:44    74,703    a-------    c:\windows\system32\mfc45.dll
2009-08-05 11:00    204,800    a-------    c:\windows\system32\mswebdvd.dll
2009-08-03 15:07    403,816    a-------    c:\windows\system32\OGACheckControl.dll
2009-08-03 15:07    322,928    a-------    c:\windows\system32\OGAAddin.dll
2009-08-03 15:07    230,768    a-------    c:\windows\system32\OGAEXEC.exe
2009-07-26 16:44    48,448    a-------    c:\windows\system32\sirenacm.dll
2009-07-25 05:23    411,368    a-------    c:\windows\system32\deploytk.dll
2009-07-17 21:03    58,880    a-------    c:\windows\system32\atl.dll
2009-07-12 12:21    233,472    --------    c:\windows\system32\wmpdxm.dll
2009-07-03 18:59    915,456    a-------    c:\windows\system32\wininet.dll
2009-06-15 18:00    148,736    a-------    c:\docume~1\alluse~1\applic~1\hpe1C4.dll
2009-04-01 13:33    22,328    a-------    c:\docume~1\thomas~1\applic~1\PnkBstrK.sys

============= FINISH:  1:19:57,26 ===============




UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-06-26.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 20-03-2009 20:53:07
System Uptime: 26-09-2009 00:23:45 (1 hours ago)

Motherboard: ASUSTeK Computer INC. |  | P5N32-E SLI
Processor: Intel(R) Core(TM)2 CPU          6600  @ 2.40GHz | Socket 775 | 2400/266mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 466 GiB total, 259,045 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM (UDF)
G: is CDROM ()
H: is CDROM ()
I: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: NVIDIA nForce Networking Controller
Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV0373\4&2C129357&0&00
Manufacturer: NVIDIA
Name: NVIDIA nForce Networking Controller
PNP Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV0373\4&2C129357&0&00
Service: NVENETFD

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: NVIDIA nForce Networking Controller
Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV0373\4&D0990A6&0&00
Manufacturer: NVIDIA
Name: NVIDIA nForce Networking Controller #2
PNP Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV0373\4&D0990A6&0&00
Service: NVENETFD

==== System Restore Points ===================

RP217: 27-06-2009 18:02:45 - Systemkontrolpunkt
RP218: 28-06-2009 20:07:14 - Avg8 Update
RP219: 29-06-2009 23:11:56 - Installed DirectX
RP220: 01-07-2009 02:10:55 - Systemkontrolpunkt
RP221: 02-07-2009 19:11:48 - Systemkontrolpunkt
RP222: 03-07-2009 23:15:41 - Systemkontrolpunkt
RP223: 04-07-2009 19:17:01 - Removed DolbyFiles
RP224: 04-07-2009 19:17:08 - Removed Movie Templates - Starter Kit
RP225: 04-07-2009 19:17:31 - Removed Menu Templates - Starter Kit
RP226: 04-07-2009 19:25:13 - Removed Advertising Center
RP227: 04-07-2009 19:25:21 - Removed Nero Installer
RP228: 05-07-2009 21:02:48 - Systemkontrolpunkt
RP229: 06-07-2009 21:19:26 - Systemkontrolpunkt
RP230: 08-07-2009 00:58:25 - Systemkontrolpunkt
RP231: 09-07-2009 03:02:38 - Systemkontrolpunkt
RP232: 10-07-2009 10:57:31 - Systemkontrolpunkt
RP233: 11-07-2009 11:37:11 - Systemkontrolpunkt
RP234: 13-07-2009 10:20:58 - Systemkontrolpunkt
RP235: 14-07-2009 10:48:34 - Systemkontrolpunkt
RP236: 15-07-2009 17:49:54 - Systemkontrolpunkt
RP237: 16-07-2009 03:00:13 - Software Distribution Service 3.0
RP238: 22-07-2009 18:34:15 - Systemkontrolpunkt
RP239: 23-07-2009 19:02:54 - Systemkontrolpunkt
RP240: 24-07-2009 10:05:44 - Avg8 Update
RP241: 24-07-2009 10:06:35 - Avg8 Update
RP242: 24-07-2009 19:59:55 - Software Distribution Service 3.0
RP243: 25-07-2009 20:22:30 - Systemkontrolpunkt
RP244: 26-07-2009 21:17:25 - Systemkontrolpunkt
RP245: 28-07-2009 12:50:16 - Systemkontrolpunkt
RP246: 29-07-2009 13:29:55 - Systemkontrolpunkt
RP247: 30-07-2009 02:19:52 - Software Distribution Service 3.0
RP248: 31-07-2009 15:01:38 - Systemkontrolpunkt
RP249: 02-08-2009 11:34:37 - Systemkontrolpunkt
RP250: 03-08-2009 18:01:34 - Systemkontrolpunkt
RP251: 04-08-2009 19:52:19 - Systemkontrolpunkt
RP252: 05-08-2009 09:04:08 - Installed Java(TM) 6 Update 15
RP253: 06-08-2009 09:08:55 - Systemkontrolpunkt
RP254: 07-08-2009 09:56:30 - Systemkontrolpunkt
RP255: 08-08-2009 09:57:29 - Systemkontrolpunkt
RP256: 09-08-2009 10:22:59 - Systemkontrolpunkt
RP257: 10-08-2009 11:56:37 - Systemkontrolpunkt
RP258: 11-08-2009 14:03:29 - Systemkontrolpunkt
RP259: 11-08-2009 22:49:55 - Software Distribution Service 3.0
RP260: 12-08-2009 23:49:31 - Systemkontrolpunkt
RP261: 13-08-2009 01:03:49 - Software Distribution Service 3.0
RP262: 14-08-2009 10:32:46 - Systemkontrolpunkt
RP263: 15-08-2009 20:32:08 - Systemkontrolpunkt
RP264: 16-08-2009 10:09:57 - Avg8 Update
RP265: 16-08-2009 10:10:46 - Avg8 Update
RP266: 17-08-2009 18:43:21 - Systemkontrolpunkt
RP267: 18-08-2009 18:44:20 - Systemkontrolpunkt
RP268: 20-08-2009 12:43:06 - Systemkontrolpunkt
RP269: 21-08-2009 15:38:48 - Systemkontrolpunkt
RP270: 22-08-2009 15:53:11 - Systemkontrolpunkt
RP271: 23-08-2009 18:30:58 - Systemkontrolpunkt
RP272: 24-08-2009 19:23:14 - Systemkontrolpunkt
RP273: 25-08-2009 19:25:48 - Systemkontrolpunkt
RP274: 26-08-2009 19:45:17 - Systemkontrolpunkt
RP275: 27-08-2009 02:47:45 - Software Distribution Service 3.0
RP276: 27-08-2009 19:20:03 - Installerede Nero 7 Ultra Edition
RP277: 28-08-2009 13:00:14 - Fjernede Nero 7 Ultra Edition
RP278: 28-08-2009 13:05:26 - Configured X-Men Origins - Wolverine(TM)
RP279: 28-08-2009 13:18:15 - Removed The Godfather™ II
RP280: 28-08-2009 17:07:10 - Installerede Nero 7 Ultra Edition
RP281: 29-08-2009 17:39:55 - Systemkontrolpunkt
RP282: 30-08-2009 19:48:29 - Systemkontrolpunkt
RP283: 31-08-2009 21:32:09 - Systemkontrolpunkt
RP284: 02-09-2009 01:26:52 - Software Distribution Service 3.0
RP285: 02-09-2009 12:41:28 - Software Distribution Service 3.0
RP286: 03-09-2009 16:24:27 - Systemkontrolpunkt
RP287: 04-09-2009 22:08:51 - Systemkontrolpunkt
RP288: 06-09-2009 11:09:10 - Systemkontrolpunkt
RP289: 07-09-2009 11:37:00 - Systemkontrolpunkt
RP290: 08-09-2009 16:21:42 - Systemkontrolpunkt
RP291: 09-09-2009 13:48:02 - Software Distribution Service 3.0
RP292: 10-09-2009 19:22:17 - Systemkontrolpunkt
RP293: 12-09-2009 12:18:32 - Systemkontrolpunkt
RP294: 13-09-2009 18:37:17 - Systemkontrolpunkt
RP295: 15-09-2009 16:00:15 - Systemkontrolpunkt
RP296: 16-09-2009 20:54:56 - Systemkontrolpunkt
RP297: 17-09-2009 21:07:39 - Systemkontrolpunkt
RP298: 18-09-2009 22:36:52 - Systemkontrolpunkt
RP299: 19-09-2009 22:52:55 - Systemkontrolpunkt
RP300: 20-09-2009 22:57:06 - Systemkontrolpunkt
RP301: 21-09-2009 23:27:39 - Systemkontrolpunkt
RP302: 21-09-2009 23:45:42 - Installed FIFA 09
RP303: 22-09-2009 03:00:14 - Software Distribution Service 3.0
RP304: 23-09-2009 20:55:21 - Systemkontrolpunkt
RP305: 24-09-2009 21:17:54 - Systemkontrolpunkt
RP306: 25-09-2009 19:22:27 - RegRun Virus Scan
RP307: 25-09-2009 19:32:06 - RegRun Virus Scan
RP308: 25-09-2009 19:44:14 - RegRun Virus Scan
RP309: 25-09-2009 19:51:41 - Software Distribution Service 3.0
RP310: 25-09-2009 20:12:50 - RegRun Virus Scan
RP311: 25-09-2009 21:05:58 - Removed Garmin WebUpdater
RP312: 25-09-2009 21:06:19 - Removed Garmin USB Drivers
RP313: 25-09-2009 21:06:32 - Removed Garmin Communicator Plugin
RP314: 25-09-2009 21:08:25 - Removed Microsoft Silverlight

==== Installed Programs ======================

530TX
7-Zip 4.65
ACDSee 5.0 PowerPack
Activision(R)
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 7.0
Adobe Reader 9.1 - Dansk
Adobe Shockwave Player 11.5
AI Booster
AiO_Scan_CDA
AiOSoftwareNPI
Apple Software Update
ASUSUpdate
Avery Wizard 3.1
AVG 8.5
BS.Player FREE
BufferChm
Call of Duty(R) 4 - Modern Warfare(TM)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
CCleaner (remove only)
Company of Heroes
Company of Heroes - FAKEMSI
Company of Heroes - Joint Operations v1.0
Company of Heroes: Tales of Valor
Creative Audio Control Panel
Creative Software AutoUpdate
Creative System Information
CustomerResearchQFolder
DAEMON Tools
DesignPro 5
Destinations
DeviceManagementQFolder
DFE-530TX Driver
eSupportQFolder
F300
F300_Help
Fax_CDA
FIFA 09
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix til Windows XP (KB952287)
Hotfix til Windows XP (KB961118)
Hotfix til Windows XP (KB970653-v3)
HP Customer Participation Program 7.0
HP Imaging Device Functions 7.0
HP Photosmart Essential
HP Photosmart, Officejet and Deskjet 7.0.A
HP Product Assistant
HP Solution Center 7.0
HP Update
HPPhotoSmartExpress
HPProductAssistant
ImagXpress
InstantShareDevicesMFC
Java(TM) 6 Update 15
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DAN
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DAN
Microsoft .NET Framework 3.5 Language Pack SP1 - dan
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office OneNote 2003
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft WSE 3.0 Runtime
Mozilla Firefox (3.5.3)
MSVCRT
MSXML 4.0 SP2 (KB954430)
Nero 7 Ultra Edition
neroxml
NewCopy_CDA
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA PhysX
OGA Notifier 2.0.0048.0
Opdatering til Windows Internet Explorer 8 (KB972636)
Opdatering til Windows XP (KB951978)
Opdatering til Windows XP (KB955839)
Opdatering til Windows XP (KB961503)
Opdatering til Windows XP (KB967715)
Opdatering til Windows XP (KB968389)
Opdatering til Windows XP (KB973815)
OpenAL
Overførselsværktøj til Windows Live
PC Probe II
PowerDVD
ProductContextNPI
PunkBuster Services
QuickTime
Razer DeathAdder(TM) Mouse
RC_Realism v2.1.2
RC_Realism v2.1.2 English UCS
Readme
RegRun Reanimator
Scan
ScannerCopy
Segoe UI
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB938127-v2)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB956390)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB961260)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB963027)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB969897)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB969897)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB971961)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB972260)
Sikkerhedsopdatering til Windows Media Player (KB952069)
Sikkerhedsopdatering til Windows Media Player (KB968816)
Sikkerhedsopdatering til Windows Media Player (KB973540)
Sikkerhedsopdatering til Windows Media Player 9 (KB911565)
Sikkerhedsopdatering til Windows XP (KB923561)
Sikkerhedsopdatering til Windows XP (KB923789)
Sikkerhedsopdatering til Windows XP (KB938464-v2)
Sikkerhedsopdatering til Windows XP (KB941569)
Sikkerhedsopdatering til Windows XP (KB946648)
Sikkerhedsopdatering til Windows XP (KB950760)
Sikkerhedsopdatering til Windows XP (KB950762)
Sikkerhedsopdatering til Windows XP (KB950974)
Sikkerhedsopdatering til Windows XP (KB951066)
Sikkerhedsopdatering til Windows XP (KB951376-v2)
Sikkerhedsopdatering til Windows XP (KB951698)
Sikkerhedsopdatering til Windows XP (KB951748)
Sikkerhedsopdatering til Windows XP (KB952004)
Sikkerhedsopdatering til Windows XP (KB952954)
Sikkerhedsopdatering til Windows XP (KB954459)
Sikkerhedsopdatering til Windows XP (KB954600)
Sikkerhedsopdatering til Windows XP (KB955069)
Sikkerhedsopdatering til Windows XP (KB956572)
Sikkerhedsopdatering til Windows XP (KB956744)
Sikkerhedsopdatering til Windows XP (KB956802)
Sikkerhedsopdatering til Windows XP (KB956803)
Sikkerhedsopdatering til Windows XP (KB956841)
Sikkerhedsopdatering til Windows XP (KB956844)
Sikkerhedsopdatering til Windows XP (KB957097)
Sikkerhedsopdatering til Windows XP (KB958215)
Sikkerhedsopdatering til Windows XP (KB958644)
Sikkerhedsopdatering til Windows XP (KB958687)
Sikkerhedsopdatering til Windows XP (KB958690)
Sikkerhedsopdatering til Windows XP (KB959426)
Sikkerhedsopdatering til Windows XP (KB960225)
Sikkerhedsopdatering til Windows XP (KB960714)
Sikkerhedsopdatering til Windows XP (KB960715)
Sikkerhedsopdatering til Windows XP (KB960803)
Sikkerhedsopdatering til Windows XP (KB960859)
Sikkerhedsopdatering til Windows XP (KB961371)
Sikkerhedsopdatering til Windows XP (KB961373)
Sikkerhedsopdatering til Windows XP (KB961501)
Sikkerhedsopdatering til Windows XP (KB968537)
Sikkerhedsopdatering til Windows XP (KB969898)
Sikkerhedsopdatering til Windows XP (KB970238)
Sikkerhedsopdatering til Windows XP (KB971557)
Sikkerhedsopdatering til Windows XP (KB971633)
Sikkerhedsopdatering til Windows XP (KB971657)
Sikkerhedsopdatering til Windows XP (KB973346)
Sikkerhedsopdatering til Windows XP (KB973354)
Sikkerhedsopdatering til Windows XP (KB973507)
Sikkerhedsopdatering til Windows XP (KB973869)
SolutionCenter
Sony Ericsson PC Suite 5.009.00
Sound Blaster X-Fi
Sprogpakke til Microsoft .NET Framework 3.5 SP1 - dansk
Status
Steam
SUPERAntiSpyware Free Edition
TeamSpeak 2 RC2
The Matrix Revolutions 3D Screen Saver v3.2
The Sims™ 3
Tilmeldingsassistent til Windows Live
Toolbox
TrayApp
Uniblue RegistryBooster 2009
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Ventrilo Client
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
WebReg
Windows Driver Package - Cypress (CyUsb) USB
Windows Driver Package - Razer (HidUsb) HIDClass  (02/02/2007 1.0.5.0)
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Player Firefox Plugin
Windows XP Service Pack 3
WinRAR archiver
Xfire (remove only)
XML Paper Specification Shared Components Language Pack 1.0

==== End Of File ===========================
Avatar billede f-arn Guru
26. september 2009 - 09:22 #10
Malwarebytes' Anti-Malware 1.41
Database version: 2775

???????
Avatar billede f-arn Guru
26. september 2009 - 09:28 #11
Og mine ? skal tages som et tegn på at jeg er træt af at se logs fra ikke opdateret anti malware programmer.
Avatar billede Computer Hjælp (Gratis) Mester
26. september 2009 - 09:56 #12
Enig!

... nuværende version er [2861] !!!
Avatar billede thomas69 Nybegynder
26. september 2009 - 10:57 #13
Ok jeg prøver igen..
Avatar billede thomas69 Nybegynder
26. september 2009 - 11:00 #14
Men den Malware var fra dit link Larry, så jeg troede det var ok ?
Avatar billede Computer Hjælp (Gratis) Mester
26. september 2009 - 11:03 #15
Jo jo - men man skal gennemføre når det er gjort skal du lade programmet opdatere sig... - evt. flere gange via [Opdatér] fanen i programmet...
Avatar billede thomas69 Nybegynder
26. september 2009 - 11:07 #16
Et problem kan være, at jeg ikke kan få lov til og opdatere Malware, derfor database 2775.

Og hvad menes der med "mine"

Og der er self. stadigvæk store problemer med pcen :(
Avatar billede thomas69 Nybegynder
26. september 2009 - 11:11 #17
Når jeg trykker på "tjek for opdateringer" kommer DL boxen frem men bjælken bevæger sig ikke, plus den kommer op med "En fejl er opstået. Rapporter venligst denne fejlkode til Malwarebytes´Anti-Malware support team. Error code 732 (0, 0)
Avatar billede thomas69 Nybegynder
26. september 2009 - 11:44 #18
Jeg laver en Format C nu, så bare læg et svar Larry så jeg kan give dig point.
Men ellers tak for hjælpen.
Avatar billede Computer Hjælp (Gratis) Mester
26. september 2009 - 12:26 #19
OK - men undgå
* AVG Free -> http://www.spywarefri.dk/artikel/computerblade-misinformerer/

Se også her ->
http://www.spywarefri.dk/artikel/hvad-skal-jeg-bruge-af-software/
http://www.spywarefri.dk/sikkerhedspakken/
Avatar billede thomas69 Nybegynder
26. september 2009 - 18:29 #20
Hej igen.

En lille update :)

Så er jeg blevet færdig med at installere win xp påny efter en mulig infect af "virut"
Damn den var hård, kunne ikke engang boote op fra Cdén..

Kører med:

Online Armor.
SAS.
Avast Free.
Malware Anti.
Registry Booster 2009.

Ellers nogen andre ider til programmer??

Og ellers bare prøver og holde bedre styr på mine mapper/filer og self. ikke DL alt muligt underligt, men man kan self. ikke være 100% sikker.
Så igen, tak som altid for jeres frivillige hjælp :)

Thomas
Avatar billede Computer Hjælp (Gratis) Mester
26. september 2009 - 19:07 #21
(Forventer du du HAR korrekte driverpakker passende til din Hardware ?)

Du ka' også helt slette brugeren [.NET(et eller andet] (Kontrolpanel - brugerkonti..)

Så skulle det lige være nævnte
* http://www.ccleaner.com/
* http://www.adobe.dk/products/acrobat/readstep2.html
* http://www.java.com/en/download/download_the_latest.jsp
* http://www.real.com/R/RDX.downloadr_2.R/software-dl.real.com/27058d9be8ab419b9306/windows/rdxstub/rp10_en_uk/RealPlayer10-5GOLD.exe
* http://get.adobe.com/flashplayer/
* http://www.free-codecs.com/K_Lite_Mega_Codec_Pack_download.htm

* http://www.microsoft.com/windowsxp/downloads/powertoys/xppowertoys.mspx (Noget herfra ?)
* http://www.microsoft.com/downloads/details.aspx?FamilyID=2DA43D38-DB71-4C1B-BC6A-9B6652CD92A3&displaylang=en
* http://support.microsoft.com/default.aspx?scid=kb;en-us;290301

http://kundeservice.tdc.dk/testcenter/

---

Bemærk at du med CCleaner - Værktøjer - Opstart - SELV ka' fjerne diverse elementer som ikke behøver at være med i din opstart...

---

Slut af med oprydning med CCleaner samt et Systemgendannelsespunkt...

Defragmentering...

Go' For It' ...
Avatar billede thomas69 Nybegynder
26. september 2009 - 20:14 #22
Cool Larry, takker endnu engang...
Jeg har næsten gjort alt hvad du har linket til :)

Men jeg har ikke denne bruger kun "Gæst" som ikke er aktiveret.
Avatar billede Computer Hjælp (Gratis) Mester
26. september 2009 - 20:35 #23
(Så er der nok en af opdateringerne (måske 'valgfri') som du mangler...)
Avatar billede thomas69 Nybegynder
27. september 2009 - 02:09 #24
Larry håber det ok jeg lægger en ny log fra HJT ind som du gerne må kigge på??
Og derefter har jeg kørt Malware også med en log ok ?


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:06:51, on 27-09-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Installeret\Online Armor\OAcat.exe
C:\Installeret\Online Armor\oasrv.exe
C:\WINDOWS\Explorer.EXE
C:\Installeret\Alwil Software\Avast4\aswUpdSv.exe
C:\Installeret\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Installeret\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Installeret\Alwil Software\Avast4\ashMaiSv.exe
C:\Installeret\Alwil Software\Avast4\ashWebSv.exe
C:\INSTAL~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Installeret\Online Armor\oaui.exe
C:\Installeret\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Installeret\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Installeret\Steam\Steam.exe
C:\Installeret\Online Armor\OAhlp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Thomas M\Dokumenter\Hentede filer\Ny.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Installeret\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Installeret\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\INSTAL~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Installeret\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [Launch Ai Booster] "C:\Installeret\ASUS\AI Booster\OverClk.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Installeret\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Installeret\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Steam] "C:\Installeret\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1253969055946
O20 - Winlogon Notify: !SASWinLogon - C:\Installeret\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Installeret\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Installeret\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Installeret\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Installeret\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Installeret\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Installeret\Online Armor\OAcat.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Installeret\Online Armor\oasrv.exe

--
End of file - 4435 bytes
Avatar billede thomas69 Nybegynder
27. september 2009 - 02:44 #25
Og Malware loggen :)

Malwarebytes' Anti-Malware 1.41
Database version: 2861
Windows 5.1.2600 Service Pack 3

27-09-2009 02:43:37
mbam-log-2009-09-27 (02-43-37).txt

Skan type: Fuldstændig skanning (C:\|)
Objekter skannet: 161108
Tid tilbagelagt: 32 minute(s), 58 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 3
Inficerede Registeringsdatabase Værdier: 1
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 1

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
HKEY_CLASSES_ROOT\TypeLib\{67450775-3b18-49b1-aa83-0e010f07f4df} (Trojan.Dropper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{69b3ebfa-0015-4914-9312-e7758eacfac1} (Trojan.Dropper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{30de9920-2e84-40a2-88a5-b8d256e15101} (Trojan.Dropper) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Værdier:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Programmer\Fælles filer\ACD Systems\Filters\EITCC_LinearBlur.dll (Trojan.Dropper) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
C:\Programmer\Fælles filer\ACD Systems\Filters\EITCC_LinearBlur.dll (Trojan.Dropper) -> Quarantined and deleted successfully.
Avatar billede Computer Hjælp (Gratis) Mester
27. september 2009 - 09:13 #26
... under alle omstændigheder skal du til WindowsUpdate for ALLE opdateringer; der skal nok være >200Mb. Deriblandt IE8, WMP11, ...
Avatar billede thomas69 Nybegynder
27. september 2009 - 11:53 #27
Den har ellers kørt win updates flere gange..
IE8 og WMP11 er vel ikke noget man have??
Avatar billede thomas69 Nybegynder
27. september 2009 - 15:44 #28
Ok har lige hentet lidt mere updates ca. 68mb inkl. IE8
Avatar billede Computer Hjælp (Gratis) Mester
27. september 2009 - 18:43 #29
... kør netop WindowsUpdate flere gange til der ikke er 'mere' tilbage...

http://kundeservice.tdc.dk/testcenter/
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Findes der mon et Antivirus program, som ikke, konstant, reklamerer, for at købe ? Af Ikke-ekspert i Virus 21 22/06/202419:22 23/06/202412:54
Anbefaling af antivirusprogram med firewall Af OnePlusFan i Virus 23 07/05/202421:02 13/05/202419:48
trusler Af gerhardpet i Virus 4 26/01/202410:02 27/01/202408:32
Kan ikke fjerne virus Af mik28 i Virus 16 09/01/202416:37 10/01/202419:59
virusscanning Af JetteD i Virus 2 10/11/202312:55 10/11/202316:36
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester



Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I går 16:51 UNILOGIN i GOOGLE Af lao i Browsere
I går 10:07 Kan det gøres lettere Af densortehingst i Excel
01/0821:49 En app vækker mig om morgenen og giver en vejrudsigt - hvordan stoppe det? Af Philip Kuhlmann i Apps til Android
01/0821:28 visning af heltal som resultat efter beregning Af Brian_Skovgaard i Excel
01/0814:48 Microsoft Business - kan ikke logge ind Af Lasse i Office & Kontorpakker
White papers
Flere white papers »


Premium
Teaser billede
Nvidia efterforskes for brud på konkurrencelov
Læs mere »
Den store cloud-krig raser stadigvæk - og Amazon ser lige nu ud til at have overhånden
Apple præsenter første regnskab siden AI-udmelding: Her er tre bemærkelsesværdige pointer derfra
Sårbarhed kan let give administratorrettigheder til alle: Udnyttes allerede af ransomware-grupper
Se alle »
Computerworld
Teaser billede
Første test: Denne helt nye wunder-CPU vil du have i din næste laptop
Læs mere »
Alvorlig fejl i Intel-chips breder sig: Listen over ramte processor vokser og vokser – og de kan blive permanent beskadigede
’Apple Intelligence’ slippes løs: Her kommer første mulighed for at afprøve Apples kunstige intelligens
Flere statslige it-løsninger ramt af netværksproblemer - ansatte kunne ikke få mail-adgang
Se alle »
CIO
Teaser billede
Stor aftale gør Microsofts datacentre hurtigere - investerer i netværksudstyr
Læs mere »
Telenor skrotter ældre it-system: Nyt system er en hyldevare
Derfor står Danske Bank foran en kæmpe AWS-transformation: Ellers skulle vi bygge en ny infrastruktur for at følge med
NIS2 i Danmark udskydes med flere måneder: Her er den nye dato, hvor loven træder i kraft
Se alle »
Job & Karriere
Teaser billede
Efter 12 år er NNIT's hovedkvarter i Søborg nu ryddet og tomt - alle arbejder hjemme: "Det er med et vist vemod"
Læs mere »
KMD-direktør forlader selskabet: Det skal hun nu
Dansk top-profil trækker sig fra Microsoft: Skal være direktør i TDC Erhverv
IBM Danmark skifter ud i sin øverste ledelse - her er den nye direktion
Se alle »
White paper
Teaser billede
Nemmere overblik, styring og omkostningskontrol i dit multicloud-miljø
Læs mere »
Informationshåndtering på frontlinjen: Sådan optimerer du med automatisering
MDR: Transparent sikkerhed og overvågning i realtid
SASE: Træf det rette valg – første gang
Se alle »

Events
Flere events »
White papers
Flere white papers »
IT-Kurser
Se alle vores it-kurser »