CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg
Cookie ikon
Avatar billede zyp Nybegynder
14. november 2009 - 22:01 Der er 8 kommentarer og
1 løsning

Check af Log

Oplevet betydelig nedsat hastighed pludselig opstået... bliver nemt bekymret... Vil derfor gerne bede om at få chekket disse log´s Tak

Malwarebytes' Anti-Malware 1.41
Database version: 3171
Windows 5.1.2600 Service Pack 3
2009-11-14 20:07:34
mbam-log-2009-11-14 (20-07-34).txt
Scan type: Full Scan (C:\|)
Objects scanned: 193221
Time elapsed: 56 minute(s), 22 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)

ComboFix 09-11-15.01 - XXXX 14-11-2009 21:29.9.2 - FAT32x86
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1033.18.2046.1351 [GMT 1:00]
Kører fra: c:\documents and settings\XXXX\My Documents\Downloads\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\XXXX\Desktop\Vira mappe\CFScript.txt
AV: avast! antivirus 4.8.1351 [VPS 091114-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.

(((((((((((((((((((((((((((((  Filer skabt fra 2009-10-14 til 2009-11-14  )))))))))))))))))))))))))))))))))))
.

2009-11-12 11:30 . 2009-11-12 11:30    --------    d-----w-    c:\documents and settings\XXXX\Local Settings\Application Data\Blizzard Entertainment
2009-11-09 15:04 . 2009-05-18 13:17    26600    ----a-w-    c:\windows\system32\drivers\GEARAspiWDM.sys
2009-11-09 15:04 . 2008-04-17 12:12    107368    ----a-w-    c:\windows\system32\GEARAspi.dll
2009-11-09 15:03 . 2009-11-09 15:03    --------    d-----w-    c:\program files\iPod
2009-11-09 15:03 . 2009-11-09 15:04    --------    d-----w-    c:\program files\iTunes
2009-11-09 15:03 . 2009-11-09 15:04    --------    d-----w-    c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-09 15:02 . 2009-11-09 15:02    --------    d-----w-    c:\program files\Bonjour
2009-11-07 09:25 . 2009-11-07 09:47    --------    d-----w-    c:\documents and settings\XXXX\Application Data\iPodder
2009-11-07 09:25 . 2009-11-11 08:44    --------    d-----w-    c:\program files\Juice
2009-11-07 08:29 . 2009-11-07 08:30    --------    d-----w-    c:\program files\QuickTime
2009-11-07 08:26 . 2009-11-09 15:03    --------    d-----w-    c:\program files\Common Files\Apple
2009-11-07 08:26 . 2009-11-07 08:26    --------    d-----w-    c:\program files\Apple Software Update
2009-11-05 15:32 . 2009-11-05 15:32    152576    ----a-w-    c:\documents and settings\XXXX\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-10-30 00:29 . 2009-10-30 00:29    2146304    ----a-w-    c:\windows\system32\GPhotos.scr
2009-10-28 19:58 . 2009-10-28 19:58    79144    ----a-w-    c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-23 19:50 . 2009-10-23 19:50    --------    d-----w-    c:\program files\HyCam2

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-12 11:29 . 2007-09-02 19:00    --------    d-----w-    c:\program files\World of Warcraft
2009-11-12 11:27 . 2008-04-20 07:52    --------    d-----w-    c:\program files\SUPERAntiSpyware
2009-11-11 06:48 . 2007-09-20 07:53    --------    d-----w-    c:\documents and settings\All Users\Application Data\Microsoft Help
2009-11-09 15:21 . 2009-05-01 15:03    117760    ----a-w-    c:\documents and settings\XXXX\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-09 15:07 . 2008-08-13 20:15    --------    d-----w-    c:\documents and settings\XXXX\Application Data\Apple Computer
2009-11-07 08:50 . 2009-03-21 13:32    --------    d-----w-    c:\program files\Common Files\Adobe AIR
2009-11-07 08:50 . 2009-09-21 12:06    38208    ----a-w-    c:\documents and settings\XXXX\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-11-07 08:50 . 2009-09-21 12:06    38208    ----a-w-    c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-11-07 08:29 . 2008-08-13 20:14    --------    d-----w-    c:\documents and settings\All Users\Application Data\Apple Computer
2009-11-05 15:33 . 2007-09-02 19:12    --------    d-----w-    c:\program files\Java
2009-11-02 19:42 . 2009-10-03 11:12    195456    ------w-    c:\windows\system32\MpSigStub.exe
2009-10-30 11:04 . 2009-04-04 18:39    0    ----a-w-    c:\documents and settings\XXXX\temp.dat
2009-10-24 11:17 . 2007-08-31 13:58    69232    ----a-w-    c:\documents and settings\XXXX\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-14 17:10 . 2008-02-25 16:08    --------    d-----w-    c:\program files\Common Files\Adobe
2009-10-11 03:17 . 2008-12-16 19:56    411368    ----a-w-    c:\windows\system32\deploytk.dll
2009-09-22 17:44 . 2009-09-22 17:44    --------    d-----w-    c:\documents and settings\xxxx\Application Data\Windows Search
2009-09-22 15:45 . 2009-09-21 18:29    --------    d-----w-    c:\program files\Windows Desktop Search
2009-09-21 19:31 . 2009-09-21 19:31    --------    d-----w-    c:\documents and settings\XXXX\Application Data\Windows Desktop Search
2009-09-21 16:36 . 2009-09-21 13:09    --------    d-----w-    c:\program files\Creative
2009-09-21 16:33 . 2007-08-31 11:04    --------    d--h--w-    c:\program files\InstallShield Installation Information
2009-09-21 13:35 . 2009-09-21 13:35    --------    d-----w-    c:\documents and settings\sune\Application Data\Reallusion
2009-09-21 13:35 . 2009-09-21 13:14    --------    d-----w-    c:\documents and settings\All Users\Application Data\Creative
2009-09-21 13:13 . 2009-09-21 13:13    --------    d-----w-    c:\documents and settings\sune\Application Data\Creative
2009-09-21 12:52 . 2009-05-04 15:29    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2009-09-21 12:52 . 2009-09-21 12:52    4045528    ----a-w-    c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-09-11 14:18 . 2005-11-01 12:00    136192    ----a-w-    c:\windows\system32\msv1_0.dll
2009-09-10 12:54 . 2009-05-04 15:29    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-05-04 15:29    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys
2009-09-04 21:03 . 2005-11-01 12:00    58880    ----a-w-    c:\windows\system32\msasn1.dll
2009-08-29 08:08 . 2005-11-01 12:00    916480    ----a-w-    c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2005-11-01 12:00    247326    ----a-w-    c:\windows\system32\strmdll.dll
2009-08-23 21:00 . 2009-08-23 21:00    922112    ------w-    c:\windows\system32\imapi2fs.dll
2009-08-23 21:00 . 2009-08-23 21:00    426496    ------w-    c:\windows\system32\imapi2.dll
2009-08-17 21:33 . 2009-08-17 21:33    1193832    ----a-w-    c:\windows\system32\FM20.DLL
2009-08-17 16:10 . 2009-07-19 11:57    1279456    ----a-w-    c:\windows\system32\aswBoot.exe
2009-08-17 16:06 . 2009-07-19 11:58    93392    ----a-w-    c:\windows\system32\drivers\aswmon.sys
2009-08-17 16:06 . 2009-07-19 11:58    94160    ----a-w-    c:\windows\system32\drivers\aswmon2.sys
2009-08-17 16:05 . 2009-07-19 11:58    114768    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2009-08-17 16:05 . 2009-07-19 11:58    20560    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2009-08-17 16:04 . 2009-07-19 11:58    51376    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2009-08-17 16:04 . 2009-07-19 11:58    23152    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2009-08-17 16:03 . 2009-07-19 11:58    26944    ----a-w-    c:\windows\system32\drivers\aavmker4.sys
2009-08-17 16:02 . 2009-07-19 11:58    97480    ----a-w-    c:\windows\system32\AvastSS.scr
2009-04-29 17:08 . 2009-04-29 17:08    5154304    ----a-w-    c:\program files\WindowsDefender.msi
2008-09-22 15:28 . 2008-07-07 18:46    88    --sh--r-    c:\windows\system32\316661CE4A.sys
2008-09-22 15:28 . 2008-07-07 18:46    1056    --sh--w-    c:\windows\system32\KGyGaAvL.sys
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-12 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-28 8429568]
"QLButton"="c:\program files\Quick Launch Button\QLButton.exe" [2005-01-06 106496]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-08-15 1015808]
"IFXSPMGT"="c:\windows\system32\IFXSPMGT.exe" [2006-11-13 661024]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-15 102400]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2009-08-07 315478]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-04-28 1626112]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-02-19 16858112]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-21 77824]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-07 18:21    548352    ----a-w-    c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-enGB-patch-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.2.3.7359-to-2.3.0.7561-enGB-downloader.exe"=
"c:\\Program Files\\Steam\\steamapps\\hejseb\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31-07-2008 20:45 20744]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [19-07-2009 12:58 114768]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [12-10-2006 19:37 38952]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [29-02-2008 15:03 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [29-02-2008 15:03 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19-07-2009 12:58 20560]
R2 BPowMon;Broadcom Power monitoring service;c:\program files\Broadcom\BACS\BPowMon.exe [31-08-2006 16:04 65536]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [07-08-2009 14:09 143467]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03-11-2006 18:19 13592]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [17-06-2009 13:02 29192]
R3 hidshim;Service for HID-KMDF Shim layer;c:\windows\system32\drivers\hidshim.sys [11-07-2007 04:01 5632]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [17-09-2007 22:49 36608]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [02-07-2008 14:58 25480]
R3 winbondhidcir;Winbond HID CIR Receiver;c:\windows\system32\drivers\winbondhidcir.sys [11-07-2007 04:01 21504]
S2 gupdate1c9862dc97496a2;Google Update Service (gupdate1c9862dc97496a2);c:\program files\Google\Update\GoogleUpdate.exe [03-02-2009 19:32 133104]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys --> c:\windows\system32\DRIVERS\CtClsFlt.sys [?]
S3 MaplomL;MaplomL; [x]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16-02-2006 15:51 4096]
--- Andre Services/Drivers i Hukommelsen ---
*NewlyCreated* - MBR
*Deregistered* - mbr
.
Indhold af mappen 'Planlagte Opgaver'
2009-11-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 18:32]
2009-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 18:32]

2009-11-14 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
2009-11-14 c:\windows\Tasks\Security Platform Backup Schedule.job
- c:\program files\Infineon\Security Platform Software\SpBackupWz.exe [2006-11-13 11:56]
2009-11-14 c:\windows\Tasks\Søg efter opdateringer til Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1223554065&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\sune\Application Data\Mozilla\Firefox\Profiles\6psr5jrt.default\
FF - plugin: c:\program files\Google\Picasa3\npPicasa2.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLITIKKER ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-14 21:40
Windows 5.1.2600 Service Pack 3 NTFS
scanner skjulte processer ... 
scanner skjulte autostarter ...
scanner skjulte filer ... 
scanning gennemført med succes
skjulte filer: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"
.
--------------------- DLLs startet under kørende Processer ---------------------
- - - - - - - > 'winlogon.exe'(824)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
- - - - - - - > 'explorer.exe'(2088)
c:\windows\system32\WININET.dll
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSDA.DLL
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\nvwddi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\IFXTCS.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IfxPsdSv.exe
c:\windows\system32\PSIService.exe
c:\windows\System32\snmp.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\program files\Synaptics\SynTP\SynToshiba.exe
c:\program files\Infineon\Security Platform Software\PSDrt.exe
c:\program files\Infineon\Security Platform Software\SpTna.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Gennemført tid: 2009-11-14 21:44 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2009-11-14 20:44
ComboFix2.txt  2009-09-21 12:43
ComboFix3.txt  2009-07-19 11:09
ComboFix4.txt  2009-07-19 10:49
ComboFix5.txt  2009-11-14 20:27
Pre-Kørsel: 57.467.613.184 bytes free
Post-Kørsel: 57.435.193.344 bytes free
- - End Of File - - 4C1368C42803489A55E932A03BEA1DE9

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:47:18, on 14-11-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\BACS\BPowMon.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\WINDOWS\system32\IFXSPMGT.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IfxPsdSv.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Program Files\Quick Launch Button\QLButton.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1223554065&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeUpdate?clid=1030
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [QLButton] C:\Program Files\Quick Launch Button\QLButton.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IFXSPMGT] C:\WINDOWS\system32\IFXSPMGT.exe /NotifyLogon
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {410A8B3C-7CCB-40E8-8B11-28B099E5C488} (Trend Micro Security Services Control) - http://tmss.trendmicro.com/Dashboard/controls/activex_10/TMSSReportW.CAB
O16 - DPF: {44C1E3A2-B594-401C-B27A-D1B4476E4797} (XTSAC Control) - https://194.255.38.38/XTSAC.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.dk/s/v/27.44/uploader2.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Power monitoring service (BPowMon) - Broadcom Corp. - C:\Program Files\Broadcom\BACS\BPowMon.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: Google Update Service (gupdate1c9862dc97496a2) (gupdate1c9862dc97496a2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\WINDOWS\system32\IfxPsdSv.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 12311 bytes
Avatar billede f-arn Guru
14. november 2009 - 22:27 #1
Hej XXXX
Med mindre combofix og malwarebytes har ændret den måde de skriver deres logs på har du redigeret dem.
Avatar billede zyp Nybegynder
14. november 2009 - 23:57 #2
tjaa.. en anelse privatliv har man vel lov til? :)
Avatar billede f-arn Guru
15. november 2009 - 03:40 #3
Hvis det bare var dit navn betød det ikke noget, men jeg kan se du har redigeret med andet.
Avatar billede f-arn Guru
15. november 2009 - 03:46 #4
Så sisdste chance : Bortset fra fjernelese af navn ->hele log
Avatar billede zyp Nybegynder
15. november 2009 - 09:40 #5
Jeg havde blot fjernet mellemrumm? men ligger den blot ind igen

Malwarebytes' Anti-Malware 1.41
Database version: 3171
Windows 5.1.2600 Service Pack 3

2009-11-14 20:07:34
mbam-log-2009-11-14 (20-07-34).txt

Scan type: Full Scan (C:\|)
Objects scanned: 193221
Time elapsed: 56 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


ComboFix 09-11-15.01 - XXXX 14-11-2009 21:29.9.2 - FAT32x86
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1033.18.2046.1351 [GMT 1:00]
Kører fra: c:\documents and settings\XXXx\My Documents\Downloads\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\XXXX\Desktop\Vira mappe\CFScript.txt
AV: avast! antivirus 4.8.1351 [VPS 091114-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.

(((((((((((((((((((((((((((((  Filer skabt fra 2009-10-14 til 2009-11-14  )))))))))))))))))))))))))))))))))))
.

2009-11-12 11:30 . 2009-11-12 11:30    --------    d-----w-    c:\documents and settings\XXXX\Local Settings\Application Data\Blizzard Entertainment
2009-11-09 15:04 . 2009-05-18 13:17    26600    ----a-w-    c:\windows\system32\drivers\GEARAspiWDM.sys
2009-11-09 15:04 . 2008-04-17 12:12    107368    ----a-w-    c:\windows\system32\GEARAspi.dll
2009-11-09 15:03 . 2009-11-09 15:03    --------    d-----w-    c:\program files\iPod
2009-11-09 15:03 . 2009-11-09 15:04    --------    d-----w-    c:\program files\iTunes
2009-11-09 15:03 . 2009-11-09 15:04    --------    d-----w-    c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-09 15:02 . 2009-11-09 15:02    --------    d-----w-    c:\program files\Bonjour
2009-11-07 09:25 . 2009-11-07 09:47    --------    d-----w-    c:\documents and settings\XXXX\Application Data\iPodder
2009-11-07 09:25 . 2009-11-11 08:44    --------    d-----w-    c:\program files\Juice
2009-11-07 08:29 . 2009-11-07 08:30    --------    d-----w-    c:\program files\QuickTime
2009-11-07 08:26 . 2009-11-09 15:03    --------    d-----w-    c:\program files\Common Files\Apple
2009-11-07 08:26 . 2009-11-07 08:26    --------    d-----w-    c:\program files\Apple Software Update
2009-11-05 15:32 . 2009-11-05 15:32    152576    ----a-w-    c:\documents and settings\XXXX\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-10-30 00:29 . 2009-10-30 00:29    2146304    ----a-w-    c:\windows\system32\GPhotos.scr
2009-10-28 19:58 . 2009-10-28 19:58    79144    ----a-w-    c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-23 19:50 . 2009-10-23 19:50    --------    d-----w-    c:\program files\HyCam2

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-12 11:29 . 2007-09-02 19:00    --------    d-----w-    c:\program files\World of Warcraft
2009-11-12 11:27 . 2008-04-20 07:52    --------    d-----w-    c:\program files\SUPERAntiSpyware
2009-11-11 06:48 . 2007-09-20 07:53    --------    d-----w-    c:\documents and settings\All Users\Application Data\Microsoft Help
2009-11-09 15:21 . 2009-05-01 15:03    117760    ----a-w-    c:\documents and settings\XXX\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-09 15:07 . 2008-08-13 20:15    --------    d-----w-    c:\documents and settings\XXXX\Application Data\Apple Computer
2009-11-07 08:50 . 2009-03-21 13:32    --------    d-----w-    c:\program files\Common Files\Adobe AIR
2009-11-07 08:50 . 2009-09-21 12:06    38208    ----a-w-    c:\documents and settings\XXXX\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-11-07 08:50 . 2009-09-21 12:06    38208    ----a-w-    c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-11-07 08:29 . 2008-08-13 20:14    --------    d-----w-    c:\documents and settings\All Users\Application Data\Apple Computer
2009-11-05 15:33 . 2007-09-02 19:12    --------    d-----w-    c:\program files\Java
2009-11-02 19:42 . 2009-10-03 11:12    195456    ------w-    c:\windows\system32\MpSigStub.exe
2009-10-30 11:04 . 2009-04-04 18:39    0    ----a-w-    c:\documents and settings\XXXX\temp.dat
2009-10-24 11:17 . 2007-08-31 13:58    69232    ----a-w-    c:\documents and settings\XXXX\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-14 17:10 . 2008-02-25 16:08    --------    d-----w-    c:\program files\Common Files\Adobe
2009-10-11 03:17 . 2008-12-16 19:56    411368    ----a-w-    c:\windows\system32\deploytk.dll
2009-09-22 17:44 . 2009-09-22 17:44    --------    d-----w-    c:\documents and settings\XXXX\Application Data\Windows Search
2009-09-22 15:45 . 2009-09-21 18:29    --------    d-----w-    c:\program files\Windows Desktop Search
2009-09-21 19:31 . 2009-09-21 19:31    --------    d-----w-    c:\documents and settings\XXXX\Application Data\Windows Desktop Search
2009-09-21 16:36 . 2009-09-21 13:09    --------    d-----w-    c:\program files\Creative
2009-09-21 16:33 . 2007-08-31 11:04    --------    d--h--w-    c:\program files\InstallShield Installation Information
2009-09-21 13:35 . 2009-09-21 13:35    --------    d-----w-    c:\documents and settings\XXXX\Application Data\Reallusion
2009-09-21 13:35 . 2009-09-21 13:14    --------    d-----w-    c:\documents and settings\All Users\Application Data\Creative
2009-09-21 13:13 . 2009-09-21 13:13    --------    d-----w-    c:\documents and settings\XXXX\Application Data\Creative
2009-09-21 12:52 . 2009-05-04 15:29    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2009-09-21 12:52 . 2009-09-21 12:52    4045528    ----a-w-    c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-09-11 14:18 . 2005-11-01 12:00    136192    ----a-w-    c:\windows\system32\msv1_0.dll
2009-09-10 12:54 . 2009-05-04 15:29    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-05-04 15:29    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys
2009-09-04 21:03 . 2005-11-01 12:00    58880    ----a-w-    c:\windows\system32\msasn1.dll
2009-08-29 08:08 . 2005-11-01 12:00    916480    ----a-w-    c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2005-11-01 12:00    247326    ----a-w-    c:\windows\system32\strmdll.dll
2009-08-23 21:00 . 2009-08-23 21:00    922112    ------w-    c:\windows\system32\imapi2fs.dll
2009-08-23 21:00 . 2009-08-23 21:00    426496    ------w-    c:\windows\system32\imapi2.dll
2009-08-17 21:33 . 2009-08-17 21:33    1193832    ----a-w-    c:\windows\system32\FM20.DLL
2009-08-17 16:10 . 2009-07-19 11:57    1279456    ----a-w-    c:\windows\system32\aswBoot.exe
2009-08-17 16:06 . 2009-07-19 11:58    93392    ----a-w-    c:\windows\system32\drivers\aswmon.sys
2009-08-17 16:06 . 2009-07-19 11:58    94160    ----a-w-    c:\windows\system32\drivers\aswmon2.sys
2009-08-17 16:05 . 2009-07-19 11:58    114768    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2009-08-17 16:05 . 2009-07-19 11:58    20560    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2009-08-17 16:04 . 2009-07-19 11:58    51376    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2009-08-17 16:04 . 2009-07-19 11:58    23152    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2009-08-17 16:03 . 2009-07-19 11:58    26944    ----a-w-    c:\windows\system32\drivers\aavmker4.sys
2009-08-17 16:02 . 2009-07-19 11:58    97480    ----a-w-    c:\windows\system32\AvastSS.scr
2009-04-29 17:08 . 2009-04-29 17:08    5154304    ----a-w-    c:\program files\WindowsDefender.msi
2008-09-22 15:28 . 2008-07-07 18:46    88    --sh--r-    c:\windows\system32\316661CE4A.sys
2008-09-22 15:28 . 2008-07-07 18:46    1056    --sh--w-    c:\windows\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-12 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-28 8429568]
"QLButton"="c:\program files\Quick Launch Button\QLButton.exe" [2005-01-06 106496]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-08-15 1015808]
"IFXSPMGT"="c:\windows\system32\IFXSPMGT.exe" [2006-11-13 661024]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-15 102400]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2009-08-07 315478]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-04-28 1626112]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-02-19 16858112]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-21 77824]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-07 18:21    548352    ----a-w-    c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-enGB-patch-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.2.3.7359-to-2.3.0.7561-enGB-downloader.exe"=
"c:\\Program Files\\Steam\\steamapps\\hejseb\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31-07-2008 20:45 20744]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [19-07-2009 12:58 114768]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [12-10-2006 19:37 38952]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [29-02-2008 15:03 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [29-02-2008 15:03 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19-07-2009 12:58 20560]
R2 BPowMon;Broadcom Power monitoring service;c:\program files\Broadcom\BACS\BPowMon.exe [31-08-2006 16:04 65536]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [07-08-2009 14:09 143467]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03-11-2006 18:19 13592]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [17-06-2009 13:02 29192]
R3 hidshim;Service for HID-KMDF Shim layer;c:\windows\system32\drivers\hidshim.sys [11-07-2007 04:01 5632]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [17-09-2007 22:49 36608]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [02-07-2008 14:58 25480]
R3 winbondhidcir;Winbond HID CIR Receiver;c:\windows\system32\drivers\winbondhidcir.sys [11-07-2007 04:01 21504]
S2 gupdate1c9862dc97496a2;Google Update Service (gupdate1c9862dc97496a2);c:\program files\Google\Update\GoogleUpdate.exe [03-02-2009 19:32 133104]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys --> c:\windows\system32\DRIVERS\CtClsFlt.sys [?]
S3 MaplomL;MaplomL; [x]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16-02-2006 15:51 4096]

--- Andre Services/Drivers i Hukommelsen ---

*NewlyCreated* - MBR
*Deregistered* - mbr
.
Indhold af mappen 'Planlagte Opgaver'

2009-11-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 18:32]

2009-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 18:32]

2009-11-14 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

2009-11-14 c:\windows\Tasks\Security Platform Backup Schedule.job
- c:\program files\Infineon\Security Platform Software\SpBackupWz.exe [2006-11-13 11:56]

2009-11-14 c:\windows\Tasks\Søg efter opdateringer til Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1223554065&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\XXXX\Application Data\Mozilla\Firefox\Profiles\6psr5jrt.default\
FF - plugin: c:\program files\Google\Picasa3\npPicasa2.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLITIKKER ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-14 21:40
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'winlogon.exe'(824)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(2088)
c:\windows\system32\WININET.dll
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSDA.DLL
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\nvwddi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\IFXTCS.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IfxPsdSv.exe
c:\windows\system32\PSIService.exe
c:\windows\System32\snmp.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\program files\Synaptics\SynTP\SynToshiba.exe
c:\program files\Infineon\Security Platform Software\PSDrt.exe
c:\program files\Infineon\Security Platform Software\SpTna.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Gennemført tid: 2009-11-14 21:44 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2009-11-14 20:44
ComboFix2.txt  2009-09-21 12:43
ComboFix3.txt  2009-07-19 11:09
ComboFix4.txt  2009-07-19 10:49
ComboFix5.txt  2009-11-14 20:27

Pre-Kørsel: 57.467.613.184 bytes free
Post-Kørsel: 57.435.193.344 bytes free

- - End Of File - - 4C1368C42803489A55E932A03BEA1DE9


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:47:18, on 14-11-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\BACS\BPowMon.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\WINDOWS\system32\IFXSPMGT.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IfxPsdSv.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Program Files\Quick Launch Button\QLButton.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1223554065&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeUpdate?clid=1030
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [QLButton] C:\Program Files\Quick Launch Button\QLButton.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IFXSPMGT] C:\WINDOWS\system32\IFXSPMGT.exe /NotifyLogon
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {410A8B3C-7CCB-40E8-8B11-28B099E5C488} (Trend Micro Security Services Control) - http://tmss.trendmicro.com/Dashboard/controls/activex_10/TMSSReportW.CAB
O16 - DPF: {44C1E3A2-B594-401C-B27A-D1B4476E4797} (XTSAC Control) - https://194.255.38.38/XTSAC.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.dk/s/v/27.44/uploader2.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Power monitoring service (BPowMon) - Broadcom Corp. - C:\Program Files\Broadcom\BACS\BPowMon.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: Google Update Service (gupdate1c9862dc97496a2) (gupdate1c9862dc97496a2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\WINDOWS\system32\IfxPsdSv.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 12311 bytes
Avatar billede f-arn Guru
15. november 2009 - 15:17 #6
Du bliver nødt til at lægge en ind uden XXXX, da der ligge noget der skal slettes hvor XXXX indgår i "stien"
Avatar billede zyp Nybegynder
15. november 2009 - 16:22 #7
Det er mit navn ... Undskyld hvis jeg lyder dum - jeg sætter stor pris på at du vil kigge det igennem - men om hvorvidt der står Bent eller xxxx kan ikke gøre forskel? Hvilke linier er det som du mener repræsenter noget skidt?
Avatar billede zyp Nybegynder
15. november 2009 - 19:25 #8
Malwarebytes' Anti-Malware 1.41
Database version: 3171
Windows 5.1.2600 Service Pack 3

2009-11-14 20:07:34
mbam-log-2009-11-14 (20-07-34).txt

Scan type: Full Scan (C:\|)
Objects scanned: 193221
Time elapsed: 56 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

ComboFix 09-11-16.01 - per 15-11-2009 18:39.10.2 - FAT32x86
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1033.18.2046.1199 [GMT 1:00]
Kører fra: c:\documents and settings\per\My Documents\Downloads\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\per\Desktop\Vira mappe\CFScript.txt
AV: avast! antivirus 4.8.1351 [VPS 091115-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.

(((((((((((((((((((((((((((((  Filer skabt fra 2009-10-15 til 2009-11-15  )))))))))))))))))))))))))))))))))))
.

2009-11-15 16:42 . 2009-11-15 16:42    --------    d-----w-    c:\program files\Common Files\Skype
2009-11-15 16:42 . 2009-11-15 16:42    --------    d-----r-    c:\program files\Skype
2009-11-12 11:30 . 2009-11-12 11:30    --------    d-----w-    c:\documents and settings\per\Local Settings\Application Data\Blizzard Entertainment
2009-11-09 15:04 . 2009-05-18 13:17    26600    ----a-w-    c:\windows\system32\drivers\GEARAspiWDM.sys
2009-11-09 15:04 . 2008-04-17 12:12    107368    ----a-w-    c:\windows\system32\GEARAspi.dll
2009-11-09 15:03 . 2009-11-09 15:03    --------    d-----w-    c:\program files\iPod
2009-11-09 15:03 . 2009-11-09 15:04    --------    d-----w-    c:\program files\iTunes
2009-11-09 15:03 . 2009-11-09 15:04    --------    d-----w-    c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-07 09:25 . 2009-11-07 09:47    --------    d-----w-    c:\documents and settings\per\Application Data\iPodder
2009-11-07 09:25 . 2009-11-11 08:44    --------    d-----w-    c:\program files\Juice
2009-11-07 08:29 . 2009-11-07 08:30    --------    d-----w-    c:\program files\QuickTime
2009-11-07 08:26 . 2009-11-09 15:03    --------    d-----w-    c:\program files\Common Files\Apple
2009-11-07 08:26 . 2009-11-07 08:26    --------    d-----w-    c:\program files\Apple Software Update
2009-11-05 15:32 . 2009-11-05 15:32    152576    ----a-w-    c:\documents and settings\per\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-10-30 00:29 . 2009-10-30 00:29    2146304    ----a-w-    c:\windows\system32\GPhotos.scr
2009-10-28 19:58 . 2009-10-28 19:58    79144    ----a-w-    c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-23 19:50 . 2009-10-23 19:50    --------    d-----w-    c:\program files\HyCam2

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-15 17:16 . 2007-09-02 14:39    --------    d-----w-    c:\documents and settings\per\Application Data\Skype
2009-11-15 16:42 . 2007-09-02 14:33    --------    d-----w-    c:\documents and settings\All Users\Application Data\Skype
2009-11-15 16:25 . 2008-10-29 19:46    --------    d-----w-    c:\documents and settings\per\Application Data\skypePM
2009-11-15 15:47 . 2007-12-20 16:23    --------    d-----w-    c:\program files\Google
2009-11-15 15:23 . 2007-09-02 19:00    --------    d-----w-    c:\program files\World of Warcraft
2009-11-12 11:27 . 2008-04-20 07:52    --------    d-----w-    c:\program files\SUPERAntiSpyware
2009-11-11 06:48 . 2007-09-20 07:53    --------    d-----w-    c:\documents and settings\All Users\Application Data\Microsoft Help
2009-11-09 15:21 . 2009-05-01 15:03    117760    ----a-w-    c:\documents and settings\per\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-09 15:07 . 2008-08-13 20:15    --------    d-----w-    c:\documents and settings\per\Application Data\Apple Computer
2009-11-07 08:50 . 2009-03-21 13:32    --------    d-----w-    c:\program files\Common Files\Adobe AIR
2009-11-07 08:50 . 2009-09-21 12:06    38208    ----a-w-    c:\documents and settings\per\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-11-07 08:50 . 2009-09-21 12:06    38208    ----a-w-    c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-11-07 08:29 . 2008-08-13 20:14    --------    d-----w-    c:\documents and settings\All Users\Application Data\Apple Computer
2009-11-05 15:33 . 2007-09-02 19:12    --------    d-----w-    c:\program files\Java
2009-11-02 19:42 . 2009-10-03 11:12    195456    ------w-    c:\windows\system32\MpSigStub.exe
2009-10-30 11:04 . 2009-04-04 18:39    0    ----a-w-    c:\documents and settings\per\temp.dat
2009-10-24 11:17 . 2007-08-31 13:58    69232    ----a-w-    c:\documents and settings\per\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-14 17:10 . 2008-02-25 16:08    --------    d-----w-    c:\program files\Common Files\Adobe
2009-10-11 03:17 . 2008-12-16 19:56    411368    ----a-w-    c:\windows\system32\deploytk.dll
2009-09-22 17:44 . 2009-09-22 17:44    --------    d-----w-    c:\documents and settings\per\Application Data\Windows Search
2009-09-22 15:45 . 2009-09-21 18:29    --------    d-----w-    c:\program files\Windows Desktop Search
2009-09-21 19:31 . 2009-09-21 19:31    --------    d-----w-    c:\documents and settings\per\Application Data\Windows Desktop Search
2009-09-21 16:36 . 2009-09-21 13:09    --------    d-----w-    c:\program files\Creative
2009-09-21 16:33 . 2007-08-31 11:04    --------    d--h--w-    c:\program files\InstallShield Installation Information
2009-09-21 13:35 . 2009-09-21 13:35    --------    d-----w-    c:\documents and settings\per\Application Data\Reallusion
2009-09-21 13:35 . 2009-09-21 13:14    --------    d-----w-    c:\documents and settings\All Users\Application Data\Creative
2009-09-21 13:13 . 2009-09-21 13:13    --------    d-----w-    c:\documents and settings\per\Application Data\Creative
2009-09-21 12:52 . 2009-05-04 15:29    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2009-09-21 12:52 . 2009-09-21 12:52    4045528    ----a-w-    c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-09-11 14:18 . 2005-11-01 12:00    136192    ----a-w-    c:\windows\system32\msv1_0.dll
2009-09-10 12:54 . 2009-05-04 15:29    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-05-04 15:29    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys
2009-09-04 21:03 . 2005-11-01 12:00    58880    ----a-w-    c:\windows\system32\msasn1.dll
2009-08-29 08:08 . 2005-11-01 12:00    916480    ------w-    c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2005-11-01 12:00    247326    ----a-w-    c:\windows\system32\strmdll.dll
2009-08-23 21:00 . 2009-08-23 21:00    922112    ------w-    c:\windows\system32\imapi2fs.dll
2009-08-23 21:00 . 2009-08-23 21:00    426496    ------w-    c:\windows\system32\imapi2.dll
2009-08-17 21:33 . 2009-08-17 21:33    1193832    ----a-w-    c:\windows\system32\FM20.DLL
2009-04-29 17:08 . 2009-04-29 17:08    5154304    ----a-w-    c:\program files\WindowsDefender.msi
2008-09-22 15:28 . 2008-07-07 18:46    88    --sh--r-    c:\windows\system32\316661CE4A.sys
2008-09-22 15:28 . 2008-07-07 18:46    1056    --sh--w-    c:\windows\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-28 8429568]
"QLButton"="c:\program files\Quick Launch Button\QLButton.exe" [2005-01-06 106496]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-08-15 1015808]
"IFXSPMGT"="c:\windows\system32\IFXSPMGT.exe" [2006-11-13 661024]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-15 102400]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2009-08-07 315478]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-04-28 1626112]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-02-19 16858112]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-21 77824]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-07 18:21    548352    ----a-w-    c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-enGB-patch-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-2.2.3.7359-to-2.3.0.7561-enGB-downloader.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31-07-2008 20:45 20744]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [19-07-2009 12:58 114768]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [12-10-2006 19:37 38952]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [29-02-2008 15:03 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [29-02-2008 15:03 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19-07-2009 12:58 20560]
R2 BPowMon;Broadcom Power monitoring service;c:\program files\Broadcom\BACS\BPowMon.exe [31-08-2006 16:04 65536]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [07-08-2009 14:09 143467]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03-11-2006 18:19 13592]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [17-06-2009 13:02 29192]
R3 hidshim;Service for HID-KMDF Shim layer;c:\windows\system32\drivers\hidshim.sys [11-07-2007 04:01 5632]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [17-09-2007 22:49 36608]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [02-07-2008 14:58 25480]
R3 winbondhidcir;Winbond HID CIR Receiver;c:\windows\system32\drivers\winbondhidcir.sys [11-07-2007 04:01 21504]
S2 gupdate1c9862dc97496a2;Google Update Service (gupdate1c9862dc97496a2);c:\program files\Google\Update\GoogleUpdate.exe [03-02-2009 19:32 133104]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys --> c:\windows\system32\DRIVERS\CtClsFlt.sys [?]
S3 MaplomL;MaplomL; [x]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16-02-2006 15:51 4096]

--- Andre Services/Drivers i Hukommelsen ---

*Deregistered* - mbr
.
Indhold af mappen 'Planlagte Opgaver'

2009-11-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 18:32]

2009-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 18:32]

2009-11-15 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

2009-11-15 c:\windows\Tasks\Security Platform Backup Schedule.job
- c:\program files\Infineon\Security Platform Software\SpBackupWz.exe [2006-11-13 11:56]

2009-11-15 c:\windows\Tasks\Søg efter opdateringer til Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1223554065&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\per\Application Data\Mozilla\Firefox\Profiles\6psr5jrt.default\
FF - plugin: c:\program files\Google\Picasa3\npPicasa2.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLITIKKER ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-15 19:01
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'winlogon.exe'(824)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(1544)
c:\windows\system32\WININET.dll
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSDA.DLL
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\nvwddi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\windows\system32\IFXTCS.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IfxPsdSv.exe
c:\windows\system32\PSIService.exe
c:\windows\System32\snmp.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
c:\windows\system32\rundll32.exe
c:\program files\Synaptics\SynTP\SynToshiba.exe
c:\windows\system32\rundll32.exe
c:\program files\Infineon\Security Platform Software\PSDrt.exe
c:\program files\Infineon\Security Platform Software\SpTna.exe
.
**************************************************************************
.
Gennemført tid: 2009-11-15 19:05 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2009-11-15 18:05
ComboFix2.txt  2009-11-14 20:44
ComboFix3.txt  2009-09-21 12:43
ComboFix4.txt  2009-07-19 11:09
ComboFix5.txt  2009-11-15 17:38

Pre-Kørsel: 62.044.938.240 bytes free
Post-Kørsel: 62.127.648.768 bytes free

- - End Of File - - 96F177569107CBB0082ACC3C844CF38A

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:21:50, on 15-11-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Broadcom\BACS\BPowMon.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\WINDOWS\system32\IFXSPMGT.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IfxPsdSv.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Program Files\Quick Launch Button\QLButton.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Google\Google Earth\googleearth.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1223554065&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeUpdate?clid=1030
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [QLButton] C:\Program Files\Quick Launch Button\QLButton.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IFXSPMGT] C:\WINDOWS\system32\IFXSPMGT.exe /NotifyLogon
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {410A8B3C-7CCB-40E8-8B11-28B099E5C488} (Trend Micro Security Services Control) - http://tmss.trendmicro.com/Dashboard/controls/activex_10/TMSSReportW.CAB
O16 - DPF: {44C1E3A2-B594-401C-B27A-D1B4476E4797} (XTSAC Control) - https://194.255.38.38/XTSAC.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.dk/s/v/27.44/uploader2.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Broadcom Power monitoring service (BPowMon) - Broadcom Corp. - C:\Program Files\Broadcom\BACS\BPowMon.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: Google Update Service (gupdate1c9862dc97496a2) (gupdate1c9862dc97496a2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\WINDOWS\system32\IfxPsdSv.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10527 bytes
Avatar billede zyp Nybegynder
06. januar 2010 - 16:24 #9
Oprettet for at lukke denne
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Findes der mon et Antivirus program, som ikke, konstant, reklamerer, for at købe ? Af Ikke-ekspert i Virus 21 22/06/202419:22 23/06/202412:54
Anbefaling af antivirusprogram med firewall Af OnePlusFan i Virus 23 07/05/202421:02 13/05/202419:48
trusler Af gerhardpet i Virus 4 26/01/202410:02 27/01/202408:32
Kan ikke fjerne virus Af mik28 i Virus 16 09/01/202416:37 10/01/202419:59
virusscanning Af JetteD i Virus 2 10/11/202312:55 10/11/202316:36
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester



Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I dag 01:14 Windows 10 - IIS 10 Af bsn i Windows
I går 20:39 Boot fra USB Af poulmadsen i Windows
I går 11:43 Gmail-ikon på skrivebordet Win 10 Af ErikHg i Fri debat
I går 09:22 Lopslag Af Luffe i Excel
03/0719:15 Personlige indstillinger på Facebook Af nu_igen i Sociale medier
White papers
Flere white papers »


Premium
Teaser billede
Efter skatte-dom: IBM Danmark afsætter 163 millioner kroner til ekstra skatte-regning i Danmark
Læs mere »
EG har aldrig tabt så mange penge før: Lander kæmpe-underskud, mens omsætningen buldrer frem
IBM Danmarks omsætning faldet med halv milliard kroner på et år - lander kæmpe-underskud
Rigsrevisionen går i kødet på it-sikkerheden i Banedanmarks signalsystem
Se alle »
Computerworld
Teaser billede
Softwarefirmaet Teamviewer med 640.000 kunder globalt ramt af avanceret hackerangreb
Læs mere »
En pladesaks, 1000W og et Nvidia-grafikkort til 14.000 kroner - sådan opgraderede jeg min pc
Test: Endelig en skærm der er god til alt - lige fra gaming og underholdning til kontorbrug
I dag træder nye de regler om registrering af din arbejdstid i kraft: Er du klar?
Se alle »
CIO
Teaser billede
Efter stort hackerangreb mod Teamviewer: Stop dine opdateringer og tjek opsætningen nu
Læs mere »
I dag træder nye de regler om registrering af din arbejdstid i kraft: Er du klar?
Frygtet melding: Russiske hackere har stjålet Microsoft-kunders e-mails
Russisk hack af Microsoft er meget større end først antaget
Se alle »
Job & Karriere
Teaser billede
Bo solgte sit software-system for et treciftret millionbeløb: Brugte pengene på at købe 80 medarbejdere til ny storsatsning
Læs mere »
Norlys skal splittes op i fem selskaber: Nu bliver flere ansatte og ledere fyret
Dansk top-profil trækker sig fra Microsoft: Skal være direktør i TDC Erhverv
IBM Danmark skifter ud i sin øverste ledelse - her er den nye direktion
Se alle »
White paper
Teaser billede
Rapport kortlægger de 13 bedste muligheder for at sætte turbo på din cloud computing
Læs mere »
Samlet platform sikrer sammenhæng, kontrol og sikkerhed i hybrid cloud
Sådan gør du: Elektronisk dokumentudveksling i praksis
Sådan får du overblik og beskytter dine cloudapplikationer
Se alle »

Events
Flere events »
White papers
Flere white papers »
IT-Kurser
Se alle vores it-kurser »