her er en log fra fejlsikkertilstand.
jeg kører xp.
ComboFix 10-08-11.04 - Administrator 12-08-2010 0:38.2.2 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1252.45.1030.18.2047.1620 [GMT 2:00]
Kører fra: F:\ComboFix.exe
.
ADS - WINDOWS: deleted 128 bytes in 1 streams. ((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\BKK\Lokale indstillinger\Application Data\awkcnafpl
c:\documents and settings\BKK\Lokale indstillinger\Application Data\awkcnafpl\agmboxxtssd.exe
.
((((((((((((((((((((((((((((( Filer skabt fra 2010-07-11 til 2010-08-11 )))))))))))))))))))))))))))))))))))
.
2010-08-11 21:59 . 2006-10-18 21:02 -------- d--h--w- c:\documents and settings\Administrator\Printere
2010-08-11 21:59 . 2006-10-18 21:02 -------- d-----w- c:\documents and settings\Administrator\Skrivebord
2010-08-11 21:59 . 2006-10-18 21:02 -------- d-----r- c:\documents and settings\Administrator\Menuen Start
2010-08-11 21:59 . 2006-10-18 20:06 -------- d--h--w- c:\documents and settings\Administrator\Skabeloner
2010-08-11 20:23 . 2010-02-05 07:17 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-08-11 20:23 . 2010-03-29 08:06 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-08-11 20:23 . 2009-11-23 11:54 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-08-11 20:23 . 2010-04-08 12:29 63360 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-08-11 20:23 . 2010-08-11 22:16 -------- d-----w- c:\programmer\Spyware Doctor
2010-08-11 20:23 . 2010-08-11 20:24 -------- d-----w- c:\programmer\Fælles filer\PC Tools
2010-08-11 20:23 . 2010-08-11 20:23 -------- d-----w- c:\documents and settings\BKK\Application Data\PC Tools
2010-08-11 20:23 . 2010-08-11 20:23 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2010-07-27 19:35 . 2010-07-27 19:35 -------- d-----w- c:\documents and settings\BKK\Lokale indstillinger\Application Data\ArcSoft
2010-07-27 19:34 . 2010-07-29 13:55 -------- d-----w- c:\documents and settings\All Users\Application Data\ArcSoft
2010-07-27 19:34 . 2006-11-10 13:05 18688 ----a-w- c:\windows\system32\drivers\afc.sys
2010-07-27 19:32 . 2010-07-27 19:34 -------- d-----w- c:\programmer\Fælles filer\ArcSoft
2010-07-27 19:32 . 2010-07-27 19:32 -------- d-----w- c:\programmer\ArcSoft
2010-07-27 19:31 . 2010-07-29 13:55 -------- d-----w- c:\documents and settings\BKK\Application Data\ArcSoft
2010-07-27 19:14 . 2002-12-11 22:14 80896 -c--a-w- c:\windows\system32\dllcache\dpvsetup.exe
2010-07-22 19:35 . 2010-07-22 19:35 1615200 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgssie.dll
2010-07-22 19:35 . 2010-07-22 19:35 1107296 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgxpl.dll
2010-07-22 19:35 . 2010-07-22 19:35 4368224 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgcorex.dll
2010-07-15 18:03 . 2010-07-15 18:03 242896 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtdix.sys
2010-07-15 18:03 . 2010-07-15 18:03 216200 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgldx86.sys
2010-07-15 18:03 . 2010-07-15 18:03 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-15 18:00 . 2010-07-15 18:00 1690464 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.dll
2010-07-15 18:00 . 2010-07-15 18:00 1038688 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.exe
2010-07-15 18:00 . 2010-07-15 18:00 813336 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avginet.dll
2010-07-15 18:00 . 2010-07-15 18:00 624920 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgiproxy.exe
2010-07-15 17:56 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-11 22:26 . 2008-12-15 10:22 -------- d-----w- c:\programmer\Keepit
2010-08-11 22:25 . 2009-12-05 09:12 -------- d-----w- c:\documents and settings\BKK\Application Data\Dropbox
2010-08-11 22:16 . 2008-05-06 19:42 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-08-09 11:22 . 2008-11-18 10:11 0 -c--a-w- c:\documents and settings\BKK\temp.dat
2010-08-07 18:33 . 2002-09-16 12:00 506472 ----a-w- c:\windows\system32\perfh006.dat
2010-08-07 18:33 . 2002-09-16 12:00 101680 ----a-w- c:\windows\system32\perfc006.dat
2010-07-27 19:36 . 2006-10-19 18:35 -------- d--h--w- c:\programmer\InstallShield Installation Information
2010-07-15 20:09 . 2008-08-25 18:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-07-15 18:03 . 2008-11-13 10:12 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-15 18:03 . 2008-11-13 10:12 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-13 17:34 . 2008-05-14 17:33 -------- d-----w- c:\programmer\AVS4YOU
2010-07-13 17:34 . 2008-05-14 17:34 -------- d-----w- c:\programmer\Fælles filer\AVSMedia
2010-07-07 19:18 . 2010-07-07 19:14 -------- d-----w- c:\documents and settings\BKK\Application Data\Nitro PDF
2010-07-07 19:10 . 2010-07-07 19:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Nitro PDF
2010-07-07 19:10 . 2010-07-07 19:10 -------- d-----w- c:\programmer\Fælles filer\Nitro PDF
2010-07-07 19:10 . 2010-07-07 19:10 -------- d-----w- c:\programmer\Nitro PDF
2010-07-07 18:51 . 2010-07-07 18:51 -------- d-----w- c:\documents and settings\BKK\Application Data\Downloaded Installations
2010-07-07 18:40 . 2010-07-07 18:35 -------- d-----w- c:\programmer\Movie Player
2010-07-05 19:27 . 2010-07-05 19:27 -------- d-----w- c:\documents and settings\BKK\Application Data\Seagate
2010-07-03 10:25 . 2010-07-03 10:25 1256 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp m4b Audio book Encoder.dat
2010-07-03 10:22 . 2006-12-27 23:16 349048 ----a-w- c:\windows\system32\SpoonUninstall.exe
2010-07-03 09:38 . 2010-03-21 19:16 439816 ----a-w- c:\documents and settings\BKK\Application Data\Real\Update\setup3.10\setup.exe
2010-06-26 20:33 . 2010-06-26 20:33 501936 ----a-w- c:\documents and settings\All Users\Application Data\Google\Google Toolbar\Update\gtb2F.tmp.exe
2010-06-24 09:09 . 2010-06-24 09:09 65856 ----a-w- c:\windows\system32\NLSSRV32.EXE
2010-06-24 09:06 . 2010-07-07 19:11 17728 ----a-w- c:\windows\system32\nitrolocalui.dll
2010-06-24 09:06 . 2010-07-07 19:11 26432 ----a-w- c:\windows\system32\nitrolocalmon.dll
2010-06-14 18:55 . 2008-11-13 10:12 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-06-14 18:34 . 2008-11-13 10:12 -------- d-----w- c:\programmer\AVG
2010-06-14 18:34 . 2010-06-14 18:33 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-06-14 18:33 . 2007-06-05 19:20 -------- d-----w- c:\programmer\Folder Guard Pro
2010-06-14 14:31 . 2006-10-18 20:07 744448 ----a-w- c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
2009-05-04 18:36 . 2008-11-30 18:20 12208 --sha-w- c:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-03 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-03 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-03 118784]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 16143872]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-03-09 7561216]
"nwiz"="nwiz.exe" [2006-03-09 1519616]
"BigDogPath"="c:\windows\VM_STI.EXE" [2005-11-30 53248]
"hpfsched"="c:\windows\hpfsched.exe" [1999-03-03 36352]
"PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe" [2004-03-10 406016]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe" [2002-08-30 188416]
"GrooveMonitor"="c:\programmer\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"TkBellExe"="c:\programmer\Fælles filer\Real\Update_OB\realsched.exe" [2009-10-03 198160]
"BlackArmorBackupMonitor.exe"="c:\programmer\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe" [2009-07-23 4352960]
"AcronisTimounterMonitor"="c:\programmer\Seagate\BlackArmorBackup\TimounterMonitor.exe" [2009-07-23 963784]
"Seagate Scheduler2 Service"="c:\programmer\Fælles filer\Seagate\Schedule2\schedhlp.exe" [2009-07-23 376272]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-15 2065760]
"hpqSRMon"="c:\programmer\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"QuickTime Task"="c:\programmer\QuickTime\qttask.exe" [2006-10-30 98304]
"ArcSoft Connection Service"="c:\programmer\Fælles filer\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menuen Start\Programmer\Start\
Keepit.lnk - c:\windows\Installer\{9C6FCA5D-F758-491E-9A69-F3E418C3784C}\KeepitIcon.exe [2008-12-15 87663]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmer\SUPERAntiSpyware\SASSEH.DLL" [2008-06-09 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-10-03 15:52 548352 ----a-w- c:\programmer\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-15 18:03 12536 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FolderGuard]
2006-04-19 22:00 94208 ----a-w- c:\programmer\Folder Guard Pro\FGH32.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^CLS2009.01.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\CLS2009.01.lnk
backup=c:\windows\pss\CLS2009.01.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^EdgeCLS11.00.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\EdgeCLS11.00.lnk
backup=c:\windows\pss\EdgeCLS11.00.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^Windows Search.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^BKK^Menuen Start^Programmer^Start^SpywareGuard.lnk]
path=c:\documents and settings\BKK\Menuen Start\Programmer\Start\SpywareGuard.lnk
backup=c:\windows\pss\SpywareGuard.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
2010-01-27 18:52 788880 ----a-w- c:\programmer\Lavasoft\Ad-Aware\AAWTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 21:16 39792 -c--a-w- c:\programmer\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\programmer\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 14:24 54840 -c--a-w- c:\programmer\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-08-20 08:54 150016 -c--a-w- c:\programmer\HP\Digital Imaging\bin\HpqSRmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:44 3883856 ----a-w- c:\programmer\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 ----a-w- c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-03-09 07:29 86016 ----a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2004-03-10 23:26 406016 ----a-w- c:\windows\system32\PSDrvCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSDrvCheck]
2003-09-12 14:08 406016 -c----w- c:\programmer\Pinnacle\Instant PhotoAlbum\Programs\PSDrvCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2006-10-30 19:57 98304 -c--a-w- c:\programmer\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2003-12-08 15:35 32768 -c--a-w- c:\programmer\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-03-09 03:19 148888 -c--a-w- c:\programmer\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-10-18 07:15 2000112 -c--a-w- c:\programmer\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-07-28 10:08 68856 ----a-w- c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-10-03 05:13 198160 -c--a-w- c:\programmer\Fælles filer\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmer\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"c:\\Programmer\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"c:\\Programmer\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmer\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmer\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmer\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmer\\Caplio Software\\RGateLXP.exe"=
"c:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\programmer\Microsoft ActiveSync\rapimgr.exe"= c:\programmer\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programmer\Microsoft ActiveSync\wcescomm.exe"= c:\programmer\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programmer\Microsoft ActiveSync\WCESMgr.exe"= c:\programmer\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [24-10-2006 21:10 24971]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [12-05-2009 19:50 64288]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [11-08-2010 22:23 218592]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [13-11-2008 12:12 243024]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [26-03-2010 14:37 27632]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [13-11-2008 12:12 216400]
S1 SASDIFSV;SASDIFSV;c:\programmer\SUPERAntiSpyware\SASDIFSV.SYS [10-10-2006 13:53 9968]
S1 SASKUTIL;SASKUTIL;c:\programmer\SUPERAntiSpyware\SASKUTIL.SYS [09-01-2007 15:09 74480]
S2 avg9wd;AVG Free WatchDog;c:\programmer\AVG\AVG9\avgwdsvc.exe [15-07-2010 20:03 308136]
S2 FGUARD32;FGUARD32;c:\programmer\Folder Guard Pro\FGUARD32.SYS [05-06-2007 21:20 41472]
S2 gupdate;Tjenesten Google Update (gupdate);c:\programmer\Google\Update\GoogleUpdate.exe [31-01-2010 16:06 135664]
S2 Keepit;Keepit service;c:\programmer\Keepit\0S8F010K.ver\keepit.exe [08-06-2010 20:15 961912]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmer\Lavasoft\Ad-Aware\AAWService.exe [24-09-2009 13:17 1181328]
S2 MSSQL$ECSQLEXPRESS;SQL Server (ECSQLEXPRESS);c:\programmer\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [27-05-2009 04:27 29262680]
S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\programmer\Nitro PDF\Professional\NitroPDFDriverService.exe [24-06-2010 11:08 196928]
S2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [24-06-2010 11:09 65856]
S2 PDRJNDL;PDRJNDL;c:\programmer\Dekart\Private Disk Light\pdrjndl.sys [08-11-2002 09:42 16512]
S2 PRVDISK;PRVDISK;c:\programmer\Dekart\Private Disk Light\prvdisk.sys [08-11-2002 09:42 14080]
S2 SgtSch2Svc;Seagate Scheduler2 Service;c:\programmer\Fælles filer\Seagate\Schedule2\schedul2.exe [23-07-2009 15:31 617968]
S3 29a5472a-34d2-47dc-8861-c86c71dede5c;29a5472a-34d2-47dc-8861-c86c71dede5c;\??\d:\cds300\cds300.dll --> d:\cds300\cds300.dll [?]
S3 SASENUM;SASENUM;c:\programmer\SUPERAntiSpyware\SASENUM.SYS [16-02-2006 17:51 4096]
S3 sdAuxService;PC Tools Auxiliary Service;c:\programmer\Spyware Doctor\pctsAuxs.exe [11-08-2010 22:23 366840]
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM);c:\windows\system32\drivers\sea1bus.sys [12-07-2010 20:49 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter;c:\windows\system32\drivers\sea1mdfl.sys [12-07-2010 20:49 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver;c:\windows\system32\drivers\sea1mdm.sys [12-07-2010 20:49 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea1mgmt.sys [12-07-2010 20:49 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS);c:\windows\system32\drivers\sea1nd5.sys [12-07-2010 20:49 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface;c:\windows\system32\drivers\sea1obex.sys [12-07-2010 20:49 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM);c:\windows\system32\drivers\sea1unic.sys [12-07-2010 20:49 90800]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
S3 seusbser;Sony Ericsson USB Device for Legacy Serial Communication;c:\windows\system32\drivers\seusbser.sys [26-03-2010 14:37 113008]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Indhold af mappen 'Planlagte Opgaver'
2010-08-11 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\programmer\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 18:52]
2010-08-11 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\programmer\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 18:52]
2010-08-11 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\programmer\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 18:52]
2010-08-11 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\programmer\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 18:52]
2010-08-11 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\programmer\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 18:52]
2010-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-01-31 14:06]
2010-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-01-31 14:06]
2010-08-11 c:\windows\Tasks\User_Feed_Synchronization-{39EDACD7-A621-45D1-A7DF-A060C4544B47}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Yderligere scanning -------
.
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\programmer\Fe6,lles filer\PC Tools\Lsp\PCTLsp.dll
DPF: DirectAnimation Java Classes -
file://c:\windows\Java\classes\dajava.cabDPF: Microsoft XML Parser for Java -
file://c:\windows\Java\classes\xmldso.cabDPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} -
hxxps://danid.dk/csp/authenticode/csp.exeDPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} -
hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe.
.
------- Fil Associationer -------
.
.scr=AutoCADScript
.
- - - - TOMME GENVEJE FJERNET - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-lbkeqnct - c:\documents and settings\BKK\Lokale indstillinger\Application Data\awkcnafpl\agmboxxtssd.exe
MSConfigStartUp-Adobe Photo Downloader - c:\programmer\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
MSConfigStartUp-ExtraFilmHemmaAgent - c:\programmer\ExtraFilm Hjemme\Agent.exe
MSConfigStartUp-Lexmark X1100 Series - c:\programmer\Lexmark X1100 Series\lxbkbmgr.exe
**************************************************************************
scanner skjulte processer ...
scanner skjulte autostarter ...
scanner skjulte filer ...
scanning gennemført med succes
skjulte filer:
**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
[HKEY_USERS\S-1-5-21-329068152-179605362-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,30,dc,54,ff,ce,17,c1,44,a0,94,54,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,30,dc,54,ff,ce,17,c1,44,a0,94,54,\
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
@DACL=(02 0000)
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
@DACL=(02 0000)
"NoChange"="1"
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
@DACL=(02 0000)
"Installed"="1"
@=""
.
--------------------- DLLs startet under kørende Processer ---------------------
- - - - - - - > 'winlogon.exe'(756)
c:\programmer\SUPERAntiSpyware\SASWINLO.DLL
.
Gennemført tid: 2010-08-12 00:43:36
ComboFix-quarantined-files.txt 2010-08-11 22:43
ComboFix2.txt 2007-11-01 18:47
Pre-Kørsel: 66.062.995.456 byte ledig
Post-Kørsel: 66.458.304.512 byte ledig
WindowsXP-KB310994-SP2-Home-BootDisk-DAN.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
- - End Of File - - 55C2B2E40E93729D31225B9BA6D9A167
Ny bruger
Nybegynder
Opret
Preview
