HJÆLP - virus eller - Hvem kan hjælpe med at læse LOG-filer?

OG her er logfiler:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6287

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

06-04-2011 19:53:47
mbam-log-2011-04-06 (19-53-47).txt

Scan type: Full scan (C:\|)
Objects scanned: 282671
Time elapsed: 1 hour(s), 48 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
----------------------

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:01:19, on 06-04-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programmer\AVG\AVG10\avgwdsvc.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Microsoft\BingBar\SeaPort.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programmer\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Programmer\AVG\AVG10\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\GIANT Company Software\Spam Inspector\siService.exe
C:\Programmer\Lexmark X74-X75\lxbbbmgr.exe
C:\Programmer\AVG\AVG10\avgtray.exe
C:\Programmer\Lexmark X74-X75\lxbbbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Programmer\AVG\AVG10\avgcsrvx.exe
C:\Programmer\GIANT Company Software\Spam Inspector\siMailProxyServer.exe
C:\Programmer\GIANT Company Software\Spam Inspector\siSpamFilterEngine.exe
C:\Programmer\GIANT Company Software\Spam Inspector\siSpamFilterEngine.exe
C:\Programmer\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Programmer\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dk.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:33921
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: TBSB02457 - {08D176B0-C18E-4F38-88D7-C5A68CB96B0B} - C:\Programmer\IEToolbar\Forbrugerliv XtraSaver\xtrasaverLive.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG10\avgssie.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Programmer\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Hotmail Spam Filter - {58A83E4F-477A-4A3F-BF9B-B65BC2BD5598} - C:\Programmer\GIANT Company Software\Spam Inspector\siClientUIHotmail.dll
O3 - Toolbar: Forbrugerliv XtraSaver - {AA01D2E3-6C81-4266-AA54-A912697110E2} - C:\Programmer\IEToolbar\Forbrugerliv XtraSaver\xtrasaverLive.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Programmer\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [siService.exe] "C:\Programmer\GIANT Company Software\Spam Inspector\siService.exe"
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Programmer\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG_TRAY] C:\Programmer\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digimax Viewer 2.1 (2).lnk = ?
O4 - Global Startup: Digimax Viewer 2.1.lnk = C:\Programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
O8 - Extra context menu item: &Search - ?p=ZVxdm008YYDK
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O12 - Plugin for .mov: C:\Programmer\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .mpeg: C:\Programmer\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .tif: C:\Programmer\Internet Explorer\PLUGINS\npqtplugin5.dll
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - https://www.basisbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
O16 - DPF: {11818680-FCF6-11D0-9808-0800092A4865} - http://www.kps.dk/Codebase/FormCtl.cab
O16 - DPF: {1469FF24-47F6-11D2-8805-006008C537E3} - http://www.kps.dk/codebase/ffmail.cab
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6886.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127924061312
O16 - DPF: {92EB6641-286A-11D2-A68E-00A0C996A6DD} - http://www.kps.dk/codebase/jfsignature.cab
O16 - DPF: {AD90E8D1-3B47-11D2-A696-00A0C996A6DD} - http://www.kps.dk/codebase/jfcrypto.cab
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
O16 - DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} - http://www.kps.dk/codebase/scriptobject.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} - http://www.kps.dk/codebase/fontinstaller.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Programmer\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG10\avgwdsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Programmer\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--
End of file - 10805 bytes

Nej vi må håbe han kommer forbi o g kigger på hijackthis, som jeg ikke er så god til.
Umiddelbart synes jeg ikke det ser forkert ud. Jeg bemælrker dog der er en del der ikke behøver at være der. Blandt andet alle de toolbars er det noget han bruger?
hvor meget her han kørende i opstarten?
Kan du se hvad der evt sluger i joblisten (processer)?
Hvor meget plads er der på c drevet? Er der trange kår?

Malwarebyte sså jo fin ud og intet at bemærke.
Meden vi venter kunne du køre en chkdsk, for at kontrollere disken for fejl:http://pctricks.dk/chkdsk-pa-vista-215.html
Denne er til vista men xp er på samme måde.

Under alle omstændigheder - lidt 'oprydning' (Har ikke så meget tid...) ->

Afinstall
* Forbrugerliv XtraSaver  (Eller elsker du den ?)
* GoogleToolbarNotifier
* Bing "Et eller andet"
* Hotmail Spam Filter ?  (Eller elsker du den ?)

---

Kør en scanning med Hijackthis,
Du får herunder nogle filer, som du skal fixe. Det, du skal gøre, er at sætte et flueben ud for disse filer. Når du har gjort det, så lukker du alle andre vinduer ned. Det er meget vigtigt at det eneste vindue, som er åbent er HijackThis vinduet. Husk også at lukke dette vindue, når du har markeret filerne. Nu må du fixe. Klik på Fix checked.

Det er disse, som skal fixes:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:33921

O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Programmer\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Programmer\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

Genstart normalt...

---

Oprydning med CCleaner ...

---

Hvordan kører PC'en så nu ?

---

PS: Du bør da sætte IE's startside til noget andet end M$ standard "reklame" side http://go.microsoft.com/fwlink/?LinkId=69157 ???

PS[2]: Du skal opdatere AcrobatReader ->
http://get.adobe.com/dk/reader/  (FRAKlik GoogleToolbar!)

PS[3]:
http://kundeservice.tdc.dk/testcenter/

Hej igen.
NYT - har fået renset lidt med F-sercure easy clea - NU virker de automatiske opdateringer igen.

Der er intet at bruge toolbares til - udover google måske.

Der skulle være 1/2 plads tilbage på c-drevet. Ikke så galt.

MEN....opstarten er langsom og den låser stadig i musen og F-secure onlinescanner vil stadig ikke ?

Jeg prøver den du skriver der in te meaentime.

Hej Karise-Larry.

Godt at se dig her:-)


Gør som du skriver - det er min fars pc og jeg tror ikke at han elsker nogen af de nævnte så de ryger:-)

Ses - vender tilbage asap.

Så er der fixet og renset.

Den er lidt hurtigere i opstart, kører lidt bedre OG opdaterer fra MS. MEN musen låser sig stadigvæk - det er ligegyldigt hvilken mus jeg sætter på - det er på pcen problemet er (Har set det før på egen pc - da var det noget virus-efter-snask)

TDC - OK

Helthchekc fra F-secure - OK

F-secure online scanner - NEJ NEJ OG atter nej - fejl id27 - programmet kunne ikke hente alle de nødvendige filer - ???? Hvis denne fejl gentages skal du kontakte supporten his (fejl-id:27) HVAD BETYDER DOG DETTE???

Virus gemt på pcen ??

VH Marianne 

Mangler disktjek.

Ved genstart:

Vejl ved afslutning af DDS-server?

(Hmmm... Andre i denne tråd ? - har ikke så meget tid ...)

Hent og kør DDS

Den laver to logs,(DDS.txt og Attach.txt) gem dem på skrivebordet og kopier indholdet af begge herind.

OBS - DDS skal gemmes på computeren og ikke køres fra nettet.

PS Du skal nok bruge to indlæg, da de er ret lange.

Hej f-arn.

Hvordan henter og kører jeg DDS? Hvordan laver jeg disse to logs? Hvorfra?

Der har været noget i AVG (er der stadig). PC'en kørte som sagt bedre - omend ikke ok. SÅ startede AVG og PC'en gik faktisk helt ned (lukkede dog ikke) og sagde mærkeligt. Besluttede at afinstallere AVG - mistake om virus (set før) i virusprogrammet. Dog vil den ikke fjerne alt..Og F-secure vil stadig ikke.

Hmm..Håber du er der da dette da er noget langhåret:-) :-(

fandt det...der var dog to forskellige - den ene skriver at den i type er Pauseskærm - men den anden jeg kunne hente hedder Genvej til MS-Dos - Går ud fra at det er genvej til MS-dos jeg skal bruge ?

Hej Marianne.

Det kaldte du dig i hvert fald her

Hvis du klikker på dette skulle den gerne blive hentet. Det er et direkte link, som det DDS, jeg lavede i mit tidligere indlæg

dds.pif (genvej til dos) eller dds.scr (skrev type pauseskræm) - Taget link fra noget du tidligere har skrevet i andet indlæg.

Du kan bruge både Pif og Scr. De gør det samme.

Hej igen - Jo, jeg hedder Marianne:-) Og f-arn husker også godt dig - DU var også med til at hjælpe mig sammen med Karise larry - dengang det var min egen pc som den var gal med:-)

Her kommer logs:
.
DDS (Ver_11-03-05.01) - NTFSx86 
Run by Elsebet Rasmussen at 11:27:51,60 on 07-04-2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1030.18.511.165 [GMT 2:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programmer\AVG\AVG10\avgwdsvc.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Programmer\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\AVG\AVG10\avgnsx.exe
C:\Programmer\AVG\AVG10\avgchsvx.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\GIANT Company Software\Spam Inspector\siService.exe
C:\Programmer\Lexmark X74-X75\lxbbbmgr.exe
C:\Programmer\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Lexmark X74-X75\lxbbbmon.exe
C:\Programmer\Dell Support\DSAgnt.exe
C:\Programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\Programmer\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Programmer\GIANT Company Software\Spam Inspector\siSpamFilterEngine.exe
C:\Programmer\GIANT Company Software\Spam Inspector\siSpamFilterEngine.exe
C:\Programmer\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\dds.pif
.
============== Pseudo HJT Report ===============
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost
mSearchAssistant =
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\programmer\avg\avg10\toolbar\IEToolbar.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\programmer\avg\avg10\toolbar\IEToolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmer\fælles filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\programmer\avg\avg10\avgssie.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\programmer\avg\avg10\toolbar\IEToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmer\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmer\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\programmer\avg\avg10\toolbar\IEToolbar.dll
TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {AA01D2E3-6C81-4266-AA54-A912697110E2} - No File
TB: {BC04B34E-5DD8-465A-A5E0-86F7C11BC009} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit
uRun: [Skype] "c:\programmer\skype\\phone\Skype.exe" /nosplash /minimized
uRun: [DellSupport] "c:\programmer\dell support\DSAgnt.exe" /startup
uRun: [swg] "c:\programmer\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [nwiz] nwiz.exe /install
mRun: [siService.exe] "c:\programmer\giant company software\spam inspector\siService.exe"
mRun: [Lexmark X74-X75] "c:\programmer\lexmark x74-x75\lxbbbmgr.exe"
mRun: [zBrowser Launcher] c:\program files\logitech\itouch\iTouch.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [AVG_TRAY] c:\programmer\avg\avg10\avgtray.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\fllesf~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\menuen~1\progra~1\start\digima~2.lnk - c:\programmer\samsung\digimax viewer 2.1\STImgBrowser.exe
StartupFolder: c:\docume~1\alluse~1\menuen~1\progra~1\start\digima~1.lnk - c:\programmer\samsung\digimax viewer 2.1\STImgBrowser.exe
StartupFolder: c:\docume~1\alluse~1\menuen~1\progra~1\start\mcafee~1.lnk - c:\programmer\mcafee security scan\2.0.181\SSScheduler.exe
IE: &Search - ?p=ZVxdm008YYDK
IE: &Windows Live Search - c:\programmer\windows live toolbar\msntb.dll/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmer\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\programmer\windows live\writer\WriterBrowserExtension.dll
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.basisbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {11818680-FCF6-11D0-9808-0800092A4865} - hxxp://www.kps.dk/Codebase/FormCtl.cab
DPF: {1469FF24-47F6-11D2-8805-006008C537E3} - hxxp://www.kps.dk/codebase/ffmail.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab
DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} - hxxp://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6886.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127924061312
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {92EB6641-286A-11D2-A68E-00A0C996A6DD} - hxxp://www.kps.dk/codebase/jfsignature.cab
DPF: {AD90E8D1-3B47-11D2-A696-00A0C996A6DD} - hxxp://www.kps.dk/codebase/jfcrypto.cab
DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} - hxxp://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} - hxxp://www.kps.dk/codebase/scriptobject.cab
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} - hxxp://www.kps.dk/codebase/fontinstaller.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\programmer\avg\avg10\toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\programmer\avg\avg10\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\fllesf~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-9 299984]
R2 AVGIDSAgent;AVGIDSAgent;c:\programmer\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-1-6 6128720]
R2 avgwd;AVG WatchDog;c:\programmer\avg\avg10\avgwdsvc.exe [2010-10-22 265400]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-7-25 54752]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 26192]
S1 MpKsl0b726d7d;MpKsl0b726d7d;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6dc8f058-8def-4eab-ae07-38f5c73d7c1d}\mpksl0b726d7d.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6dc8f058-8def-4eab-ae07-38f5c73d7c1d}\MpKsl0b726d7d.sys [?]
S1 MpKsl52b55fb1;MpKsl52b55fb1;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{950d8610-f8c6-4b87-9d38-1702245a0d59}\mpksl52b55fb1.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{950d8610-f8c6-4b87-9d38-1702245a0d59}\MpKsl52b55fb1.sys [?]
S1 MpKsl5499abb6;MpKsl5499abb6;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{99e585ca-6426-458a-a145-0cf7f3d1e1af}\mpksl5499abb6.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{99e585ca-6426-458a-a145-0cf7f3d1e1af}\MpKsl5499abb6.sys [?]
S1 MpKsl7d8878f7;MpKsl7d8878f7;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6df7bfa7-5338-42c1-aa63-fe11368c7774}\mpksl7d8878f7.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6df7bfa7-5338-42c1-aa63-fe11368c7774}\MpKsl7d8878f7.sys [?]
S1 MpKsl87ce3081;MpKsl87ce3081;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{dd8433e8-6317-4e5a-bb09-89d8ed579e31}\mpksl87ce3081.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{dd8433e8-6317-4e5a-bb09-89d8ed579e31}\MpKsl87ce3081.sys [?]
S1 MpKsl995e0ded;MpKsl995e0ded;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7fc802e0-a325-40e2-9dd2-40093a6f2dde}\mpksl995e0ded.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7fc802e0-a325-40e2-9dd2-40093a6f2dde}\MpKsl995e0ded.sys [?]
S1 MpKslb11a5f2a;MpKslb11a5f2a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3ae7535d-ab81-4bb2-9fae-99d0e6728bd2}\mpkslb11a5f2a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3ae7535d-ab81-4bb2-9fae-99d0e6728bd2}\MpKslb11a5f2a.sys [?]
S1 MpKsldd943149;MpKsldd943149;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7fc802e0-a325-40e2-9dd2-40093a6f2dde}\mpksldd943149.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7fc802e0-a325-40e2-9dd2-40093a6f2dde}\MpKsldd943149.sys [?]
S1 MpKsle0a39605;MpKsle0a39605;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{35b2ecc3-2ca9-4950-b8dd-19c4f3dc91ca}\mpksle0a39605.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{35b2ecc3-2ca9-4950-b8dd-19c4f3dc91ca}\MpKsle0a39605.sys [?]
S1 MpKslf7318f54;MpKslf7318f54;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{eaf2697f-3d28-4d2c-ad19-9088cacacbe0}\mpkslf7318f54.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{eaf2697f-3d28-4d2c-ad19-9088cacacbe0}\MpKslf7318f54.sys [?]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\programmer\avg\avg10\toolbar\ToolbarBroker.exe [2010-11-30 517448]
S3 fsssvc;Windows Live-tjenesten Family Safety;c:\programmer\windows live\family safety\fsssvc.exe [2010-4-28 704864]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\programmer\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2001-10-9 14336]
S4 gupdate;Tjenesten Google Update (gupdate);c:\programmer\google\update\GoogleUpdate.exe [2010-1-29 135664]
.
=============== Created Last 30 ================
.
2011-04-07 03:12:56    --------    d-----w-    c:\windows\system32\wbem\repository\FS
2011-04-07 03:12:56    --------    d-----w-    c:\windows\system32\wbem\Repository
2011-04-07 03:07:00    --------    d-----w-    c:\programmer\McAfee Security Scan
2011-04-07 03:07:00    --------    d-----w-    c:\docume~1\alluse~1\applic~1\McAfee Security Scan
2011-03-29 14:47:56    --------    d-----w-    c:\documents and settings\elsebet rasmussen\.oces2
2011-03-12 11:28:40    103864    ----a-w-    c:\programmer\internet explorer\plugins\nppdf32.dll
.
==================== Find3M  ====================
.
2011-03-01 06:02:06    0    ----a-w-    c:\windows\system32\ConduitEngine.tmp
2011-02-09 13:53:48    270848    ------w-    c:\windows\system32\sbe.dll
2011-02-09 13:53:48    186880    ------w-    c:\windows\system32\encdec.dll
2011-02-02 07:58:31    2067456    ----a-w-    c:\windows\system32\mstscax.dll
2011-01-27 11:57:06    677888    ----a-w-    c:\windows\system32\mstsc.exe
2011-01-21 14:44:12    439808    ----a-w-    c:\windows\system32\shimgvw.dll
2011-01-07 14:09:02    290048    ----a-w-    c:\windows\system32\atmfd.dll
.
============= FINISH: 11:33:07,71 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 21-06-2003 11:56:58
System Uptime: 07-04-2011 10:13:47 (1 hours ago)
.
Motherboard: Dell Computer Corp. |  | 0G0728
Processor:              Intel(R) Pentium(R) 4 CPU 2.60GHz | Microprocessor | 2593/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 56 GiB total, 31,022 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP114: 29-03-2011 07:00:23 - Software Distribution Service 3.0
RP115: 30-03-2011 20:14:08 - Software Distribution Service 3.0
RP116: 01-04-2011 06:47:56 - Software Distribution Service 3.0
RP117: 02-04-2011 06:59:00 - Software Distribution Service 3.0
RP118: 03-04-2011 17:58:51 - Software Distribution Service 3.0
RP119: 05-04-2011 07:03:54 - Software Distribution Service 3.0
RP120: 06-04-2011 07:44:47 - Software Distribution Service 3.0
RP121: 06-04-2011 18:53:07 - Fjernede Windows 7 Upgrade Advisor
RP122: 06-04-2011 22:09:34 - Removed Bing Bar
RP123: 06-04-2011 22:57:26 - Removed Adobe Reader 9.4.3 - Dansk.
RP124: 07-04-2011 03:36:47 - Gendan handling
RP125: 07-04-2011 03:53:09 - Gendan handling
RP126: 07-04-2011 04:51:09 - Gendan handling
RP127: 07-04-2011 09:51:02 - Removed AVG 2011
RP128: 07-04-2011 09:55:06 - Removed AVG 2011
.
==== Installed Programs ======================
.
.
ABBYY FineReader 5.0 Sprint
ActiveX sikkerhedssoftware
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.3 - Dansk
Adobe Shockwave Player 11.5
Advertising Center
ArcSoft PhotoImpression 4
AVG 2011
CCleaner
CDBurnerXP
Compatibility Pack for the 2007 Office system
D-Link AirPlus
Dell Picture Studio - Dell Image Expert
Dell ResourceCD
Dell Solution Center
Dell Support 3.1
Dell Support Center
Digimax Viewer 2.1
Digital Locker-assistent
FaxTools
Fremhævelsesvisning (Windows Live Toolbar)
Google Toolbar for Internet Explorer
Google Update Helper
HighMAT-udvidelse til Guiden Cd-skrivning til Microsoft Windows XP
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix til Windows Internet Explorer 7 (KB947864)
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet
Java Auto Updater
Java(TM) 6 Update 23
Junk Mail filter update
Lexmark X74-X75
LiveUpdate 2.0 (Symantec Corporation)
Logitech Desktop Messenger
Logitech iTouch-program
Logitech MouseWare 9.79.1
Logitech QuickCam
Logitech® Camera-driver
McAfee Security Scan Plus
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 Language Pack SP1 - dan
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 SR-1 Professional
Microsoft Office XP Proofing Tools
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MSVCRT
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MVision
Nero StartSmart OEM
neroxml
NVIDIA Display Driver
OGA Notifier 2.0.0048.0
Opdatering til Windows Internet Explorer 8 (KB2447568)
Opdatering til Windows Internet Explorer 8 (KB968220)
Opdatering til Windows Internet Explorer 8 (KB976662)
Opdatering til Windows Internet Explorer 8 (KB976749)
Opdatering til Windows Internet Explorer 8 (KB980182)
OpenOffice.org Installer 1.0
Overførselsværktøj til Windows Live
Paint Shop Pro 7
Picasa 3
QuickTime
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Segoe UI
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB928090)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB931768)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB933566)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB937143)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB938127)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB939653)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB942615)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB944533)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB950759)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB953838)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB956390)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB958215)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB960714)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB961260)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB963027)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB2183461)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB2360131)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB2416400)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB2482017)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB969897)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB971961)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB972260)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB974455)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB976325)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB978207)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB981332)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB982381)
SkillGround Game Manager
Skype™ 4.2
SoundMAX
Spam Inspector
Sprogpakke til Microsoft .NET Framework 3.5 SP1 - dansk
Tilmeldingsassistent til Windows Live
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
WebCyberCoach 3.2 Dell
WebFldrs XP
Windows Genuine Advantage v1.3.0254.0
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sync
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
XML Paper Specification Shared Components Language Pack 1.0
.
==== End Of File ===========================

Nu skriver attach.txt at jeg ikke må sende disse oplysnbinger - ?? Men går ud fra at jeg har  gjort det ok - ved at lægge det herind til dig? VH Mariann

Ja - det er fint.

Du skriver du har prøvet at fjerne AVG. Hvordan gjorde du det?
Hvis du selv prøver at kikke i de to logs, vil du se den er massivt tilstede.

ComboFix vil ikke køre med AVG, så lad os prøve noget andet, i første omgang.

------

Download OTL af OldTimer og gem den på dit skrivebord.

Start OTL

Vista og Windows 7 - højreklik på filen - Kør som Administrator.

Når vinduet vises, skal du under Output i toppen skifte til "Minimal Output".
Til venstre for det, sætter du flueben i "Scan All Users"

Under Extra Registry boksen ændrer du det til All.

I nederste højre hjørne af det øverste panel, sæt fluben ved "LOP Check" og "Purity Check".

I boksen "Custom Scans/Fixes" kopierer du det fremhævede ind.


netsvcs
drivers32
msconfig
safebootminimal
safebootnetwork
activex
/md5start
explorer.exe
winlogon.exe
userinit.exe
svchost.exe
wininit.exe
sfc.dll
/md5stop
%SYSTEMDRIVE%\*.*
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


Luk alle åbne vinduer og klik på "Quick Scan" øverst til venstre og lade programmet køre. Scanningen kan tage 5-10 minutter.

Det vil give to logfiler på skrivebordet, en kaldet OTL.txt, den anden vil blive navngivet Extras.txt.


Så kopier følgende ind i dit indlæg (i rækkefølge):

indholdet af OTL.txt
indholdet af Extras.txt

Da de er forholdsvis lange, kan du blive nødt til at sende dem i flere indlæg.

Hej igen.
Jeg kørte afinstallering - men den ville ikke gøre det ordentligt. Gjorde fuldstændig som jeg plejer i fjern programmer- men det er det som får mig til at have mistanke til at der ligger noget deri - at den netop IKKE blev fjernet ordnetligt - ?

OTL - Jeg kører XP og IKKE windows 7 - virker den alligevel?

- Der kom afinstalleringsside frem fra AVG - og den afsluttede med finish - men virkede så altså ikke - ?

Er det en ide at prøve at afinstaller den igen?? Den ligger stadig i listen

Ja - det er en standard linie, som jeg glemte at slette.


Vent med det til senere. Hvis vi skal bruge ComboFix senere, skal den som "sagt" væk.

Bare kør OTL, som beskrevet i #19.

Ok - den kører nu. Lægger ind såsnart den er færdig.

Hej igen.

Der sker altså noget spøjst - jeg sætter OTL igang som du har beskrevet - OG sætter kryds i extra registry ALL - men den ændrer det lige pludselig til NONE - Og så sættes der flueben i Skip Microsoft Files og Use No-Company-Name White List....???

Første gang troede jeg at jeg havde krydset forkert af i NONE - istedet for ALL - MEN så har jeg kørt den igen og er 100% sikker på at jeg har krydset ALL - men den ændrer det igen efter lidt tid???

Hvad gør jeg så - sender den log der kommer herind alligevel eller?

Prøver at lægge den herind - når den nu slutter om lidt (kørt 2 gange - men det samme sker)

OTL logfile created on: 07-04-2011 13:55:56 - Run 2
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Documents and Settings\Elsebet Rasmussen\Skrivebord
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

511,00 Mb Total Physical Memory | 206,00 Mb Available Physical Memory | 40,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmer
Drive C: | 55,87 Gb Total Space | 30,95 Gb Free Space | 55,40% Space Free | Partition Type: NTFS

Computer Name: ELSEBET | User Name: Elsebet Rasmussen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\OTL.exe (OldTimer Tools)
PRC - C:\Programmer\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmer\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmer\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmer\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmer\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmer\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmer\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programmer\Fælles filer\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programmer\Fælles filer\logishrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\Programmer\Dell Support\DSAgnt.exe (Gteko Ltd.)
PRC - C:\Programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe (STOIK Imaging (www.stoik.com))
PRC - C:\Programmer\GIANT Company Software\Spam Inspector\siSpamFilterEngine.exe (GIANT Company Software)
PRC - C:\Programmer\GIANT Company Software\Spam Inspector\siService.exe (GIANT Company Software, inc.)
PRC - C:\Programmer\Lexmark X74-X75\lxbbbmon.exe (Lexmark International, Inc.)
PRC - C:\Programmer\Lexmark X74-X75\lxbbbmgr.exe (Lexmark International, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Programmer\Fælles filer\logishrd\LVMVFM\LVPrcInj.dll (Logitech Inc.)


========== Win32 Services (SafeList) ==========

SRV - (nosGetPlusHelper) getPlus(R) -- C:\Programmer\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (AVGIDSAgent) -- C:\Programmer\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVG Security Toolbar Service) -- C:\Programmer\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
SRV - (avgwd) -- C:\Programmer\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (McComponentHostService) -- C:\Programmer\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (NMSAccessU) -- C:\Programmer\CDBurnerXP\NMSAccessU.exe ()
SRV - (W3SVC) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (MSFtpsvc) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (IISADMIN) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (LVSrvLauncher) -- C:\Programmer\Fælles filer\logishrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (LVPrcSrv) -- C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LVCOMSer) -- C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (NetSvc) -- C:\Programmer\Intel\NCS\Sync\NetSvc.exe (Intel(R) Corporation)
SRV - (MDM) -- C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSEH) -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (LVMVDrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys (Logitech Inc.)
DRV - (LVcKap) -- C:\WINDOWS\system32\drivers\Lvckap.sys (Logitech Inc.)
DRV - (LVUVC) Logitech QuickCam Pro 5000(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\WINDOWS\system32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (LVPrcMon) -- C:\WINDOWS\system32\drivers\LVPrcMon.sys ()
DRV - (QCMerced) -- C:\WINDOWS\system32\drivers\lvcm.sys ()
DRV - (itchfltr) -- C:\WINDOWS\system32\drivers\itchfltr.sys (Logitech, Inc.)
DRV - (LHidUsb) -- C:\WINDOWS\system32\drivers\Lhidusb.sys (Logitech, Inc.)
DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys (Logitech, Inc.)
DRV - (L8042pr2) -- C:\WINDOWS\system32\drivers\L8042pr2.Sys (Logitech, Inc.)
DRV - (LHidFlt2) -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys (Logitech, Inc.)
DRV - (AIRPLUS) -- C:\WINDOWS\system32\drivers\AIRPLUS.SYS (D-Link)
DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Roxio)
DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Roxio)
DRV - (OMCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS (Dell Computer Corporation)
DRV - (BCMModem) -- C:\WINDOWS\system32\drivers\BCMDM.sys (BCM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-790525478-515967899-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dk.msn.com/
IE - HKU\S-1-5-21-790525478-515967899-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.live.com/ [binary data]
IE - HKU\S-1-5-21-790525478-515967899-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-790525478-515967899-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://dk.msn.com/
IE - HKU\S-1-5-21-790525478-515967899-725345543-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-790525478-515967899-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-790525478-515967899-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Programmer\AVG\AVG10\Firefox\ [2010-12-28 07:27:52 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011-02-12 07:18:35 | 000,429,847 | R--- | M]) - C:\WINDOWS\System32\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 127.0.0.1    www.007guard.com
O1 - Hosts: 127.0.0.1    007guard.com
O1 - Hosts: 127.0.0.1    008i.com
O1 - Hosts: 127.0.0.1    www.008k.com
O1 - Hosts: 127.0.0.1    008k.com
O1 - Hosts: 127.0.0.1    www.00hq.com
O1 - Hosts: 127.0.0.1    00hq.com
O1 - Hosts: 127.0.0.1    010402.com
O1 - Hosts: 127.0.0.1    www.032439.com
O1 - Hosts: 127.0.0.1    032439.com
O1 - Hosts: 127.0.0.1    www.0scan.com
O1 - Hosts: 127.0.0.1    0scan.com
O1 - Hosts: 127.0.0.1    www.1000gratisproben.com
O1 - Hosts: 127.0.0.1    1000gratisproben.com
O1 - Hosts: 127.0.0.1    www.1001namen.com
O1 - Hosts: 127.0.0.1    1001namen.com
O1 - Hosts: 127.0.0.1    www.100888290cs.com
O1 - Hosts: 127.0.0.1    100888290cs.com
O1 - Hosts: 127.0.0.1    www.100sexlinks.com
O1 - Hosts: 127.0.0.1    100sexlinks.com
O1 - Hosts: 127.0.0.1    10sek.com
O1 - Hosts: 127.0.0.1    www.10sek.com
O1 - Hosts: 127.0.0.1    1-2005-search.com
O1 - Hosts: 127.0.0.1    www.1-2005-search.com
O1 - Hosts: 14799 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-790525478-515967899-725345543-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-515967899-725345543-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-515967899-725345543-1003\..\Toolbar\WebBrowser: (no name) - {BC04B34E-5DD8-465A-A5E0-86F7C11BC009} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-515967899-725345543-1003\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-515967899-725345543-1003\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Programmer\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Lexmark X74-X75] C:\Programmer\Lexmark X74-X75\lxbbbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [siService.exe] C:\Programmer\GIANT Company Software\Spam Inspector\siService.exe (GIANT Company Software, inc.)
O4 - HKLM..\Run: [zBrowser Launcher] C:\program files\Logitech\iTouch\iTouch.exe (Logitech Inc.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] c:\Programmer\Fælles filer\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] c:\Programmer\Fælles filer\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-790525478-515967899-725345543-1003..\Run: [DellSupport] C:\Programmer\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\S-1-5-21-790525478-515967899-725345543-1003..\Run: [NvMediaCenter] C:\WINDOWS\System32\NVMCTRAY.DLL (NVIDIA Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programmer\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\Digimax Viewer 2.1 (2).lnk = C:\Programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe (STOIK Imaging (www.stoik.com))
O4 - Startup: C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\Digimax Viewer 2.1.lnk = C:\Programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe (STOIK Imaging (www.stoik.com))
O4 - Startup: C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\McAfee Security Scan Plus.lnk = C:\Programmer\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-515967899-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O12 - Plugin for: .mov - C:\Programmer\Internet Explorer\PLUGINS\npqtplugin.dll (Apple Computer, Inc.)
O12 - Plugin for: .mpeg - C:\Programmer\Internet Explorer\PLUGINS\npqtplugin3.dll (Apple Computer, Inc.)
O12 - Plugin for: .tif - C:\Programmer\Internet Explorer\PLUGINS\npqtplugin5.dll (Apple Computer, Inc.)
O15 - HKU\S-1-5-21-790525478-515967899-725345543-1003\..Trusted Domains:  ([]msn in My Computer)
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} https://www.basisbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab (Reg Error: Key error.)
O16 - DPF: {11818680-FCF6-11D0-9808-0800092A4865} http://www.kps.dk/Codebase/FormCtl.cab (Reg Error: Key error.)
O16 - DPF: {1469FF24-47F6-11D2-8805-006008C537E3} http://www.kps.dk/codebase/ffmail.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab (Reg Error: Key error.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6886.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127924061312 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {92EB6641-286A-11D2-A68E-00A0C996A6DD} http://www.kps.dk/codebase/jfsignature.cab (Reg Error: Key error.)
O16 - DPF: {AD90E8D1-3B47-11D2-A696-00A0C996A6DD} http://www.kps.dk/codebase/jfcrypto.cab (Reg Error: Key error.)
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab (F-Secure Health Check 1.1)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} http://www.kps.dk/codebase/scriptobject.cab (Reg Error: Key error.)
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab (e-Safekey)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} http://www.kps.dk/codebase/fontinstaller.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.61.130.1 62.61.131.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmer\Fælles filer\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmer\Fælles filer\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O24 - Desktop Components:0 (Min aktuelle startside) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Elsebet Rasmussen\Lokale indstillinger\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Elsebet Rasmussen\Lokale indstillinger\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: Ip6FwHlp -  File not found
NetSvcs: SSHNAS -  File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

MsConfig - StartUpReg: swg - hkey= - key= - C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys -  File not found
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys -  File not found
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {057997dd-71e4-43cc-b161-3f8180691a9e} - Q824145
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0f} - IEEX
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Gengivelse af vektorgrafik (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {2298d453-bcae-4519-bf33-1cbf3faf1524} - Q867801
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-databinding til Java
ActiveX: {377483c2-e4b4-4ee8-b577-9aed264c8735} - Q822925
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3e7bb08a-a7a3-4692-8eac-ac5e7895755b} - KB834707
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Avanceret redigering
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Java-klasser til DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5CA109D3-A084-47E8-A9CB-D497322E3F50} - MSN Toolbar 3.0 & Silverlight 2.0
ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {96543d59-497a-4801-a1f3-5936aacaf7b1} - Q828750
ActiveX: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} -
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Opgavestyring
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
ActiveX: {F11806F4-0CF2-4CA6-AD7A-8E96F059B824} - .NET Framework
ActiveX: {f5173cf0-1dfb-4978-8e50-a90169ee7ca9} - Q823353
ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{7cdc2e02-155c-4b0a-b59f-586b19fbed40} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (32664708049797120)

========== Files/Folders - Created Within 30 Days ==========

[2011-04-07 13:14:29 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\OTL.exe
[2011-04-07 12:59:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-04-07 12:59:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menuen Start\Programmer\Malwarebytes' Anti-Malware
[2011-04-07 12:59:35 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-04-07 12:58:16 | 007,734,208 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\mbam-setup-1.50.1.1100.exe
[2011-04-07 10:36:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Elsebet Rasmussen\Recent
[2011-04-07 05:07:01 | 000,000,000 | ---D | C] -- C:\Programmer\NOS
[2011-04-07 05:07:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2011-04-07 05:07:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menuen Start\Programmer\McAfee Security Scan Plus
[2011-04-07 05:07:00 | 000,000,000 | ---D | C] -- C:\Programmer\McAfee Security Scan
[2011-04-07 05:07:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2011-03-29 16:47:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Elsebet Rasmussen\.oces2
[2011-03-09 12:54:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\McAfee
[8 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-04-07 13:14:29 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\OTL.exe
[2011-04-07 12:59:52 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivebord\Malwarebytes' Anti-Malware.lnk
[2011-04-07 12:58:25 | 007,734,208 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\mbam-setup-1.50.1.1100.exe
[2011-04-07 12:36:56 | 000,000,841 | ---- | M] () -- C:\WINDOWS\LEXSTAT.INI
[2011-04-07 11:21:31 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\dds.pif
[2011-04-07 11:20:02 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\dds.scr
[2011-04-07 10:37:23 | 000,030,848 | ---- | M] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\cc_20110407_103719.reg
[2011-04-07 10:22:05 | 000,000,739 | ---- | M] () -- C:\WINDOWS\STImgBrowser.INI
[2011-04-07 10:16:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-04-07 10:14:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-04-07 10:14:52 | 535,891,968 | -HS- | M] () -- C:\hiberfil.sys
[2011-04-07 10:14:13 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011-04-07 02:18:56 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-04-06 22:48:09 | 000,001,585 | ---- | M] () -- C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\McAfee Security Scan Plus.lnk
[2011-04-06 22:48:08 | 000,001,593 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivebord\McAfee Security Scan Plus.lnk
[2011-04-06 18:33:54 | 111,798,862 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011-04-04 09:47:38 | 000,000,249 | ---- | M] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\Google.url
[2011-03-27 06:26:09 | 000,488,616 | ---- | M] () -- C:\WINDOWS\System32\perfh006.dat
[2011-03-27 06:26:09 | 000,470,484 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-03-27 06:26:09 | 000,090,482 | ---- | M] () -- C:\WINDOWS\System32\perfc006.dat
[2011-03-27 06:26:09 | 000,077,348 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-03-24 12:54:28 | 000,001,714 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivebord\Adobe Reader 9.lnk
[8 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-04-07 12:59:52 | 000,000,763 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivebord\Malwarebytes' Anti-Malware.lnk
[2011-04-07 11:21:30 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\dds.pif
[2011-04-07 11:19:39 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\dds.scr
[2011-04-07 10:37:21 | 000,030,848 | ---- | C] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\cc_20110407_103719.reg
[2011-04-07 05:18:19 | 535,891,968 | -HS- | C] () -- C:\hiberfil.sys
[2011-04-06 22:48:09 | 000,001,585 | ---- | C] () -- C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\McAfee Security Scan Plus.lnk
[2011-04-06 22:48:08 | 000,001,593 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivebord\McAfee Security Scan Plus.lnk
[2010-10-21 23:49:28 | 000,284,304 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\FontCache3.0.0.0.dat
[2010-07-27 22:46:25 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009-11-05 10:34:58 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009-08-05 08:14:45 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009-08-03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009-08-03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2007-07-18 17:42:42 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2006-05-28 21:08:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Elsebet Rasmussen\Application Data\dm.ini
[2006-01-27 00:16:15 | 000,026,958 | ---- | C] () -- C:\Programmer\MovieLand Terms.html
[2006-01-19 12:59:51 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2005-12-07 13:10:13 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
[2005-11-09 13:22:59 | 000,058,163 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2005-11-09 10:58:33 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini
[2005-11-09 10:56:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
[2005-09-28 17:40:55 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005-09-28 09:49:23 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2005-09-28 09:48:57 | 001,317,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys
[2005-09-01 14:11:52 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys
[2005-02-04 15:36:19 | 000,000,739 | ---- | C] () -- C:\WINDOWS\STImgBrowser.INI
[2004-10-17 10:32:34 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-09-01 22:15:06 | 000,003,437 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004-09-01 22:15:02 | 000,000,045 | ---- | C] () -- C:\WINDOWS\EDHDGNPL.ini
[2004-01-30 08:28:01 | 000,000,033 | ---- | C] () -- C:\WINDOWS\LVMMail.INI
[2003-12-22 23:57:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\frontpg.ini
[2003-12-22 23:55:43 | 000,012,127 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2003-12-22 23:55:39 | 000,059,321 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2003-12-22 23:55:38 | 000,015,010 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2003-12-22 23:55:27 | 000,017,713 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2003-12-22 23:45:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003-12-20 19:20:56 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Elsebet Rasmussen\Lokale indstillinger\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003-12-18 11:29:27 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\AthUnIns.exe
[2003-10-06 15:16:00 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll
[2003-08-20 20:49:41 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003-07-23 01:18:16 | 000,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2003-06-21 13:05:03 | 000,000,724 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003-06-21 12:42:06 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003-06-21 12:41:16 | 000,154,768 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003-06-21 12:29:23 | 000,000,841 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2003-06-21 12:23:45 | 000,033,708 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLANGEN.bin
[2003-06-21 12:23:45 | 000,000,964 | ---- | C] () -- C:\WINDOWS\System32\drivers\RADIO11.BIN
[2003-06-21 12:23:45 | 000,000,964 | ---- | C] () -- C:\WINDOWS\System32\drivers\AIRPLUS.BIN
[2003-06-21 12:23:45 | 000,000,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\RADIO0d.BIN
[2003-06-21 11:57:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2003-06-21 11:52:27 | 000,021,644 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2003-05-16 05:30:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[2003-02-26 16:47:14 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\MimicICM.dll
[2002-10-14 22:39:18 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\lxbbcoin.ini
[2001-10-09 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-10-09 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-10-09 14:00:00 | 000,488,616 | ---- | C] () -- C:\WINDOWS\System32\perfh006.dat
[2001-10-09 14:00:00 | 000,470,484 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-10-09 14:00:00 | 000,284,912 | ---- | C] () -- C:\WINDOWS\System32\perfi006.dat
[2001-10-09 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-10-09 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-10-09 14:00:00 | 000,090,482 | ---- | C] () -- C:\WINDOWS\System32\perfc006.dat
[2001-10-09 14:00:00 | 000,077,348 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-10-09 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-10-09 14:00:00 | 000,034,026 | ---- | C] () -- C:\WINDOWS\System32\perfd006.dat
[2001-10-09 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-10-09 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-10-09 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999-01-27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997-06-13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2010-12-19 14:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011-04-07 09:54:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010-11-30 20:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2003-06-21 12:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010-07-27 22:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2010-11-30 20:50:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2003-12-21 14:49:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\e-Safekey
[2010-10-09 14:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2010-11-30 20:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010-12-10 11:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2010-12-04 08:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2003-12-20 14:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elsebet Rasmussen\Application Data\AntiSpamFilter
[2010-12-01 10:47:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elsebet Rasmussen\Application Data\AVG10
[2011-02-19 13:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elsebet Rasmussen\Application Data\DriverFinder
[2011-04-04 09:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong
[2007-06-28 18:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Elsebet Rasmussen\Application Data\SecondLife
[2004-09-26 07:44:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gæst\Application Data\AntiSpamFilter
[2011-03-15 21:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gæst\Application Data\AVG10
[2010-10-09 08:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gæst\Application Data\PriceGong
[2003-12-20 16:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\AntiSpamFilter
[2010-12-04 08:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\AVG
[2010-11-30 20:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\AVG10
[2010-08-21 16:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\AVG9
[2010-07-27 22:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\Canneverbe Limited
[2010-10-23 13:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\DeviceDoctorSoftware
[2011-02-25 23:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\DriverFinder
[2010-05-24 10:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\GARMIN
[2010-12-04 07:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\GetRightToGo
[2010-12-10 09:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\PCDr
[2011-04-01 19:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\PriceGong
[2010-09-23 17:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\Registry Mechanic
[2007-06-25 07:55:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\SecondLife
[2010-05-17 15:37:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\Uniblue
[2009-12-05 18:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\Windows Live Writer
[2011-03-07 19:14:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jens Rasmussen\Application Data\wsInspector
[2010-12-10 09:57:51 | 000,000,552 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
[2010-12-19 13:00:00 | 000,000,374 | ---- | M] () -- C:\WINDOWS\Tasks\PerfectOptimizer_Home.Job
[2010-12-18 16:04:03 | 000,000,410 | ---- | M] () -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job
[2011-01-09 13:32:38 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{DA084563-BAEF-4A28-BE00-F7B13C84962A}.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: EXPLORER.EXE  >
[2008-04-14 18:05:49 | 001,034,752 | ---- | M] (Microsoft Corporation) MD5=1D9BD1CAA1E4CF63370F201DF742DC7D -- C:\WINDOWS\explorer.exe
[2008-04-14 18:05:49 | 001,034,752 | ---- | M] (Microsoft Corporation) MD5=1D9BD1CAA1E4CF63370F201DF742DC7D -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008-04-14 18:05:49 | 001,034,752 | ---- | M] (Microsoft Corporation) MD5=1D9BD1CAA1E4CF63370F201DF742DC7D -- C:\WINDOWS\system32\dllcache\explorer.exe
[2007-06-13 15:10:54 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=9D7A9E7F4A89AA43D108C4E4C153B561 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007-06-13 15:22:35 | 001,034,240 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SFC.DLL  >
[2008-04-14 18:05:31 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=2EE3F794D81AA928C689E1827EB4B88D -- C:\WINDOWS\ServicePackFiles\i386\sfc.dll
[2008-04-14 18:05:31 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=2EE3F794D81AA928C689E1827EB4B88D -- C:\WINDOWS\system32\sfc.dll
[2004-08-27 02:53:43 | 000,005,120 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\$NtServicePackUninstall$\sfc.dll

< MD5 for: SVCHOST.EXE  >
[2008-04-14 18:06:03 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=555F8F4CB284FE94059DCACF6074F9EC -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008-04-14 18:06:03 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=555F8F4CB284FE94059DCACF6074F9EC -- C:\WINDOWS\system32\svchost.exe
[2004-08-27 02:53:54 | 000,014,336 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE  >
[2008-04-14 18:06:05 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7B3770DB760FBBA068454EAFCAA89772 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008-04-14 18:06:05 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7B3770DB760FBBA068454EAFCAA89772 -- C:\WINDOWS\system32\userinit.exe
[2004-08-27 02:53:54 | 000,024,576 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE  >
[2008-04-14 18:06:06 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=E0339362391BF6AC04D1622EF8E3A61B -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 18:06:06 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=E0339362391BF6AC04D1622EF8E3A61B -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 18:06:06 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=E0339362391BF6AC04D1622EF8E3A61B -- C:\WINDOWS\system32\winlogon.exe
[2004-08-27 02:53:54 | 000,502,272 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

< %SYSTEMDRIVE%\*.* >
[2007-07-11 23:16:19 | 000,000,049 | ---- | M] () -- C:\.keystore.reference
[2010-12-10 09:17:56 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2001-10-09 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2003-06-21 11:54:59 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2005-10-16 07:16:00 | 000,000,198 | ---- | M] () -- C:\CtDrvIns.log
[2009-11-11 09:44:56 | 000,004,478 | ---- | M] () -- C:\CybDefInstallInfo.log
[2010-01-03 00:58:13 | 000,176,908 | ---- | M] () -- C:\DebugLog.txt
[2009-10-28 09:37:14 | 000,018,760 | ---- | M] () -- C:\devicetable.log
[2003-08-18 19:46:38 | 000,001,075 | ---- | M] () -- C:\Fwd Removal tool til virus .txt
[2005-03-18 00:02:20 | 000,000,722 | ---- | M] () -- C:\Genvej til Dokumenter (Elsebet Rasmussen).lnk
[2011-04-07 10:14:52 | 535,891,968 | -HS- | M] () -- C:\hiberfil.sys
[2003-06-21 11:54:59 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005-09-28 10:25:26 | 000,000,000 | ---- | M] () -- C:\itouch_config_crash_info.txt
[2006-12-29 10:43:44 | 000,000,216 | ---- | M] () -- C:\itouch_crash_info.txt
[2010-01-02 15:58:30 | 000,001,854 | ---- | M] () -- C:\khalinstall.log
[2005-09-22 07:36:03 | 000,010,466 | ---- | M] () -- C:\LgDSetup.log
[2003-12-20 14:18:32 | 000,000,125 | ---- | M] () -- C:\License.txt
[2005-09-28 09:47:33 | 000,000,183 | ---- | M] () -- C:\LogiSetup.log
[2011-01-05 05:19:35 | 000,002,809 | ---- | M] () -- C:\LOTTE s BILLEDER.htm
[2004-07-17 23:26:28 | 003,980,888 | ---- | M] (Symantec Corporation                                        ) -- C:\lusetup.exe
[2003-06-21 11:54:59 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-10-19 07:50:03 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-10-15 06:51:37 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2011-04-07 10:14:47 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2003-06-21 13:16:17 | 000,017,590 | ---- | M] () -- C:\PkgClnup.log
[2003-12-20 00:53:06 | 007,393,658 | ---- | M] (InstallShield Software Corporation) -- C:\spaminspector.exe
[2007-12-16 23:04:12 | 000,012,288 | -HS- | M] () -- C:\Thumbs.db
[2001-05-24 13:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE

< %systemroot%\system32\*.dll /lockedfiles >
[2008-04-14 18:05:27 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav  >
[2003-06-21 13:40:36 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2003-06-21 13:40:36 | 000,630,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2003-06-21 13:40:36 | 000,405,504 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-03-24 18:06:55

========== Alternate Data Streams ==========

@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

OTL Extras logfile created on: 07-04-2011 13:22:11 - Run 1
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Documents and Settings\Elsebet Rasmussen\Skrivebord
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

511,00 Mb Total Physical Memory | 247,00 Mb Available Physical Memory | 48,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmer
Drive C: | 55,87 Gb Total Space | 31,00 Gb Free Space | 55,49% Space Free | Partition Type: NTFS

Computer Name: ELSEBET | User Name: Elsebet Rasmussen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programmer\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programmer\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programmer\GIANT Company Software\Spam Inspector\siMailProxyServer.exe" = C:\Programmer\GIANT Company Software\Spam Inspector\siMailProxyServer.exe:*:Disabled:siMailProxyServer -- (GIANT Company Software inc.)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Programmer\AVG\AVG10\avgmfapx.exe" = C:\Programmer\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Programmer\AVG\AVG10\avgdiagex.exe" = C:\Programmer\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Programmer\AVG\AVG10\avgnsx.exe" = C:\Programmer\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Programmer\AVG\AVG10\avgemcx.exe" = C:\Programmer\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010406-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Professional
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch-program
"{04E7A3BB-DB38-481C-A809-35FA60C78EDF}" = AVG 2011
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{151C555A-A9E7-4A2E-B6D7-165D04A3C956}" = Dell Picture Studio - Dell Image Expert
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Overførselsværktøj til Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 23
"{2F3082BF-4A3B-45CA-805F-52DBBFD3C645}" = Windows Live Essentials
"{350C97C6-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{364EC092-93CF-4DDC-9D7A-7278452028E0}" = Logitech QuickCam
"{4468EF97-A253-4699-9E1C-88CAE2C6832D}" = ABBYY FineReader 5.0 Sprint
"{45A2D49C-8124-4015-A8B3-073A827EC5C1}" = Windows Live Sync
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{546C7D0B-1E12-4573-BCD0-F5B0D3C66A74}" = ArcSoft PhotoImpression 4
"{548EEA8E-8299-497F-8057-811D2D7097DC}" = Dell Support 3.1
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B426478-8C15-4003-9CFA-CF0EFF590A52}" = Spam Inspector
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{899F4B8F-1A96-4414-AA25-E9954DEF0FB5}" = Windows Live Family Safety
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{901F0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Proofing Tools
"{94B8F069-F223-4F48-BC88-7104CBA77F30}" = Windows Live Messenger
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9EE54C1F-FC99-44D6-916A-0CA2D45E740F}" = Digimax Viewer 2.1
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A276502A-8979-44FB-8090-90CF72F22ABC}" = AVG 2011
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel(R) PROSet
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1030-7B44-A94000000001}" = Adobe Reader 9.4.3 - Dansk
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B5080CC6-15F5-49B1-8672-F2021FF771C0}" = Tilmeldingsassistent til Windows Live
"{B69349AE-2D41-3708-8BA4-4DC22645CA04}" = Microsoft .NET Framework 3.5 Language Pack SP1 - dan
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BFD09E5B-6D40-4CAD-A349-103BFEF1C574}" = Windows Live Mail
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CDC74FE6-5224-11D6-B27F-00E0181A6FA8}" = D-Link AirPlus
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01653EF-9F9F-41D6-B879-654A6BF5892C}" = Digital Locker-assistent
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{D7EC54D8-3D95-4F9D-A191-59C9BB7F5AC9}" = Windows Live Photo Gallery
"{DA713E41-886E-4E20-883F-62685E201DBC}" = ActiveX sikkerhedssoftware
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F45298E5-0083-426F-A668-1A2C5F04B8A0}" = FaxTools
"{F7ADEBA1-5621-4ED0-80F8-4386D844974C}" = Fremhævelsesvisning (Windows Live Toolbar)
"{FC0C6E54-BCD4-42C5-BEAA-4FFFEC499EE0}" = Windows Live Writer
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-udvidelse til Guiden Cd-skrivning til Microsoft Windows XP
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG" = AVG 2011
"CCleaner" = CCleaner
"Dell Support Center" = Dell Support Center
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Lexmark X74-X75" = Lexmark X74-X75
"LiveUpdate" = LiveUpdate 2.0 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - dan" = Sprogpakke til Microsoft .NET Framework 3.5 SP1 - dansk
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Display Driver" = NVIDIA Display Driver
"Picasa 3" = Picasa 3
"PROSet" = Intel(R) PRO Network Connections Drivers
"QcDrv" = Logitech® Camera-driver
"QuickTime" = QuickTime
"SkillGround" = SkillGround Game Manager
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"WIC" = Windows Imaging Component
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 07-04-2011 03:35:18 | Computer Name = ELSEBET | Source = PerfNet | ID = 2004
Description = Servertjenesten kan ikke åbnes. Der bliver ikke returneret  serverydelsesdata.
Den returnerede fejlkode er i dataene DWORD 0.

Error - 07-04-2011 04:24:12 | Computer Name = ELSEBET | Source = PerfNet | ID = 2004
Description = Servertjenesten kan ikke åbnes. Der bliver ikke returneret  serverydelsesdata.
Den returnerede fejlkode er i dataene DWORD 0.

[ System Events ]
Error - 07-04-2011 00:59:07 | Computer Name = ELSEBET | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 millisekunder) mens der ventedes på et transaktionssvar
fra tjenesten NVSvc.

Error - 07-04-2011 03:33:32 | Computer Name = ELSEBET | Source = DCOM | ID = 10005
Description = Fejlen "%1058" opstod på DCOM under forsøg på at starte tjenesten
IISADMIN med argumenterne ""  for at køre serveren:  {A9E69610-B80D-11D0-B9B9-00A0C922E750}

Error - 07-04-2011 03:34:15 | Computer Name = ELSEBET | Source = Service Control Manager | ID = 7022
Description = Tjenesten Windows-billedscanning hang ved start.

Error - 07-04-2011 03:51:01 | Computer Name = ELSEBET | Source = DCOM | ID = 10005
Description = Fejlen "%1058" opstod på DCOM under forsøg på at starte tjenesten
IISADMIN med argumenterne ""  for at køre serveren:  {A9E69610-B80D-11D0-B9B9-00A0C922E750}

Error - 07-04-2011 03:55:06 | Computer Name = ELSEBET | Source = DCOM | ID = 10005
Description = Fejlen "%1058" opstod på DCOM under forsøg på at starte tjenesten
IISADMIN med argumenterne ""  for at køre serveren:  {A9E69610-B80D-11D0-B9B9-00A0C922E750}

Error - 07-04-2011 04:02:12 | Computer Name = ELSEBET | Source = DCOM | ID = 10005
Description = Fejlen "%1058" opstod på DCOM under forsøg på at starte tjenesten
IISADMIN med argumenterne ""  for at køre serveren:  {A9E69610-B80D-11D0-B9B9-00A0C922E750}

Error - 07-04-2011 04:16:23 | Computer Name = ELSEBET | Source = DCOM | ID = 10005
Description = Fejlen "%1058" opstod på DCOM under forsøg på at starte tjenesten
IISADMIN med argumenterne ""  for at køre serveren:  {A9E69610-B80D-11D0-B9B9-00A0C922E750}

Error - 07-04-2011 04:19:22 | Computer Name = ELSEBET | Source = Service Control Manager | ID = 7022
Description = Tjenesten Windows-billedscanning hang ved start.

Error - 07-04-2011 04:20:01 | Computer Name = ELSEBET | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 millisekunder) mens der ventedes på et transaktionssvar
fra tjenesten NVSvc.

Error - 07-04-2011 07:23:59 | Computer Name = ELSEBET | Source = DCOM | ID = 10005
Description = Fejlen "%1058" opstod på DCOM under forsøg på at starte tjenesten
IISADMIN med argumenterne ""  for at køre serveren:  {A9E69610-B80D-11D0-B9B9-00A0C922E750}


< End of report >

Hej F-arn.

Tak fordi du vil hjælpe - mon disse siger dig noget?

Spændt på at høre hvad jeg mon så stiller op..

VH Marianne

Afinstaller McAfee Security Scan Plus

------

Klik Start -> Kør -> Skriv: sfc /scannow - bemærk mellemrummet efter sfc -> Klik OK
Der kommer en bjælke så længe scanningen kører, og når den er færdig, forsvinder den igen, og du får ikke andre meldinger.
Indsæt din Windows CD, hvis den be'r om det.
Genstart computeren.

------

Hent og gem MiniToolBox af Farbar.

Start den og sæt flueben i følgende.

Flush DNS
List last 10 Event Wiewer Errors.

Klik så på GO. Den laver Result.txt, som du gerne må kopiere herind.

Genstart computeren.

------

Start OTL

Når vinduet vises, skal du under Output i toppen skifte til "Minimal Output".
Til venstre for det, sætter du flueben i "Scan All Users"

I boksen "Custom Scans/Fixes" kopierer du det fremhævede ind.


/md5start
explorer.exe
winlogon.exe
userinit.exe
svchost.exe
wininit.exe
sfc.dll
msvbvm60.dll
/md5stop
CREATERESTOREPOINT


Luk alle åbne vinduer og klik på "Run Scan" øverst til venstre og lad programmet køre. Scanningen kan tage 5-10 minutter.

Det vil lave OTL.txt. Kopier den herind.

----

Jeg vil gerne se:

1. Result.txt

2. Ny OTL.txt

Hej og mange tak.

Øhm...jeg kan ikke se at min far har en windows cd - der er vist kun en geninstalationscd - hvor der står at softwaren har været preinstalleret på pcen. Kan den bruges - der står at den kun er  til geninstallering af betjeningssystemet og ikke til geninstallering af programmer eller drivere.

Inden jeg nu starter dette - vil jeg være rigtig glad for at høre din koment hertil - da jeg ikke ander det. Og ikke vil ødelægge alt dette jeg nu skal til (og som jeg ikke har en dyt forstand på)

VH Marianne

1. Hent dette lille værktøj:

http://jpshortstuff.247fixes.com/SystemLook.exe
http://images.malwareremoval.com/jpshortstuff/SystemLook.exe (alternativ adresse)

2. Dobbeltklik på systemlook.exe - nu dukker der et lille vindue op, hvor du skal kopiere HELE indholdet med fed skrift ind:

:dir
%systemdrive%
:reg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup

3. Klik på knappen Look. Programmet vil nu lede på din computer.

4. Når programmet er færdig med at lede, vil der dukke et notepad-vindue op, med en log fra SystemLook. Den skal du kopiere herind i forum i dit næste svar. Log'en kan også findes på dit Skrivebord med navnet: SystemLook.txt.

Det kom frem 1 sec. efter at jeg trykkede på Look - godt nok hurtigt..


SystemLook 04.09.10 by jpshortstuff
Log created at 18:36 on 07/04/2011 by Elsebet Rasmussen
Administrator - Elevation successful

========== dir ==========

C: - Parameters: "(none)"

---Files---
.keystore.reference    --a---- 49 bytes    [21:16 11/07/2007]    [21:16 11/07/2007]
boot.ini    -rahs-- 211 bytes    [11:40 21/06/2003]    [07:17 10/12/2010]
Bootfont.bin    -rahs-- 4952 bytes    [12:00 09/10/2001]    [12:00 09/10/2001]
CONFIG.SYS    --a---- 0 bytes    [09:54 21/06/2003]    [09:54 21/06/2003]
CtDrvIns.log    --a---- 198 bytes    [12:37 11/10/2005]    [05:16 16/10/2005]
CybDefInstallInfo.log    --a---- 4478 bytes    [07:44 11/11/2009]    [07:44 11/11/2009]
DebugLog.txt    --a---- 176908 bytes    [15:50 24/04/2005]    [22:58 02/01/2010]
devicetable.log    --a---- 18760 bytes    [06:10 31/12/2007]    [07:37 28/10/2009]
Fwd Removal tool til virus .txt    --a---- 1075 bytes    [17:46 18/08/2003]    [17:46 18/08/2003]
Genvej til Dokumenter (Elsebet Rasmussen).lnk    --a---- 722 bytes    [07:59 07/02/2005]    [22:02 17/03/2005]
hiberfil.sys    --ahs-- 535891968 bytes    [03:18 07/04/2011]    [08:14 07/04/2011]
IO.SYS    -rahs-- 0 bytes    [09:54 21/06/2003]    [09:54 21/06/2003]
itouch_config_crash_info.txt    --a---- 0 bytes    [08:25 28/09/2005]    [08:25 28/09/2005]
itouch_crash_info.txt    --a---- 216 bytes    [16:54 18/02/2005]    [08:43 29/12/2006]
khalinstall.log    --a---- 1854 bytes    [13:10 02/01/2010]    [13:58 02/01/2010]
LgDSetup.log    --a---- 10466 bytes    [09:32 18/12/2003]    [05:36 22/09/2005]
License.txt    --a---- 125 bytes    [12:18 20/12/2003]    [12:18 20/12/2003]
LogiSetup.log    --a---- 183 bytes    [09:27 18/12/2003]    [07:47 28/09/2005]
LOTTE s BILLEDER.htm    --a---- 2809 bytes    [03:19 05/01/2011]    [03:19 05/01/2011]
lusetup.exe    --a---- 3980888 bytes    [21:26 17/07/2004]    [21:26 17/07/2004]
MSDOS.SYS    -rahs-- 0 bytes    [09:54 21/06/2003]    [09:54 21/06/2003]
NTDETECT.COM    -rahs-- 47564 bytes    [12:00 09/10/2001]    [05:50 19/10/2004]
ntldr    -rahs-- 250576 bytes    [12:00 09/10/2001]    [04:51 15/10/2008]
pagefile.sys    --ahs-- 805306368 bytes    [11:37 21/06/2003]    [08:14 07/04/2011]
PkgClnup.log    --a---- 17590 bytes    [11:16 21/06/2003]    [11:16 21/06/2003]
spaminspector.exe    --a---- 7393658 bytes    [12:16 20/12/2003]    [22:53 19/12/2003]
Thumbs.db    --ahs-- 12288 bytes    [22:24 06/10/2005]    [21:04 16/12/2007]
UNWISE.EXE    --a---- 162304 bytes    [10:59 19/01/2006]    [11:59 24/05/2001]

---Folders---
$AVG    d--h---    [14:58 14/12/2009]
02a38b7549658fecb3a80a    d------    [11:06 09/05/2009]
1a223d393263e2a4b18530    d------    [03:57 12/08/2005]
2feb878d45ce67137df24c4d442f4b70    d------    [05:05 19/11/2006]
8569cc5bee4e2aa81468c353a379    d------    [11:04 09/05/2009]
b6313bc53e3db07dd7ee5b24fda275    d------    [11:23 09/05/2009]
Config.Msi    d------    [15:33 14/01/2011]
dell    d------    [15:40 21/06/2003]
Documents and Settings    d------    [10:41 21/06/2003]
found.000    d--hs--    [13:36 27/06/2004]
Inetpub    d------    [21:55 22/12/2003]
Jens    d------    [11:00 04/02/2005]
My AccessMedia    d------    [22:16 26/01/2006]
NVIDIA    d------    [18:12 20/12/2003]
program files    d------    [22:16 25/08/2004]
Programmer    d-a----    [10:42 21/06/2003]
RECYCLER    d--hs--    [12:51 21/06/2003]
System Volume Information    d--hs--    [09:59 21/06/2003]
temp    d------    [20:13 01/09/2004]
TEMP1    d------    [15:50 19/01/2010]
WINDOWS    d-a----    [11:37 21/06/2003]
WUTemp    d------    [15:08 21/06/2003]

========== reg ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
"DriverCachePath"="%SystemRoot%\Driver Cache"
"BootDir"="C:\"
"PrivateHash"=f6 94 0b 87 4b 93 48 16 a1 83 17 a1 2e 95 65 6b  (REG_BINARY)
"Installation Sources"="D:\"
"SourcePath"="D:\"
"ServicePackSourcePath"="c:\windows\ServicePackFiles"
"CDInstall"= 0x0000000001 (1)
"ServicePackCachePath"="c:\windows\ServicePackFiles\ServicePackCache"
"LogLevel"= 0x0000000000 (0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\BaseWinOptions]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Migration]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Migration DLLs]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\OC Manager]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\OOBE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\OptionalComponents]


-= EOF =-

Jeg er glad for at du ved hvad du laver - og hvad jeg laver - for det gør jeg nemlig ikke helt;-) -

Kører jeg så nu det andet du skrev nu - eller er systemlog i stedet for det?

Har du mulighed for at låne en CD?

Spring til OTL, da den står til at bruge D drevet ved sfc /scannow.

Ja, principielt for jeg har selv en xp cd. Men nu sidder jeg 80 km hjemme fra og havde slet ikke troet at det ville drillem mig så meget - og vil jo så gerne at jeg har fået den igang før jeg tager hjem igen. Har været her siden igår. Min far er jo helt ulykkelig over ikke at kunne lave sine ting:-) Og jeg skulle gerne hjem idag. Kan det slet ikke klares uden? Jeg springer til OTL og lægger ind.

Og her er ny OTL:

OTL logfile created on: 07-04-2011 19:10:42 - Run 3
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Documents and Settings\Elsebet Rasmussen\Skrivebord
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

511,00 Mb Total Physical Memory | 224,00 Mb Available Physical Memory | 44,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmer
Drive C: | 55,87 Gb Total Space | 30,90 Gb Free Space | 55,31% Space Free | Partition Type: NTFS

Computer Name: ELSEBET | User Name: Elsebet Rasmussen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\OTL.exe (OldTimer Tools)
PRC - C:\Programmer\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmer\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmer\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmer\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmer\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmer\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmer\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programmer\Fælles filer\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programmer\Fælles filer\logishrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\Programmer\Dell Support\DSAgnt.exe (Gteko Ltd.)
PRC - C:\Programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe (STOIK Imaging (www.stoik.com))
PRC - C:\Programmer\GIANT Company Software\Spam Inspector\siSpamFilterEngine.exe (GIANT Company Software)
PRC - C:\Programmer\GIANT Company Software\Spam Inspector\siService.exe (GIANT Company Software, inc.)
PRC - C:\Programmer\Lexmark X74-X75\lxbbbmon.exe (Lexmark International, Inc.)
PRC - C:\Programmer\Lexmark X74-X75\lxbbbmgr.exe (Lexmark International, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Programmer\Fælles filer\logishrd\LVMVFM\LVPrcInj.dll (Logitech Inc.)


========== Win32 Services (SafeList) ==========

SRV - (nosGetPlusHelper) getPlus(R) -- C:\Programmer\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (AVGIDSAgent) -- C:\Programmer\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVG Security Toolbar Service) -- C:\Programmer\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
SRV - (avgwd) -- C:\Programmer\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (McComponentHostService) -- C:\Programmer\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (NMSAccessU) -- C:\Programmer\CDBurnerXP\NMSAccessU.exe ()
SRV - (W3SVC) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (MSFtpsvc) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (IISADMIN) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (LVSrvLauncher) -- C:\Programmer\Fælles filer\logishrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (LVPrcSrv) -- C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LVCOMSer) -- C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (NetSvc) -- C:\Programmer\Intel\NCS\Sync\NetSvc.exe (Intel(R) Corporation)
SRV - (MDM) -- C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSEH) -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (LVMVDrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys (Logitech Inc.)
DRV - (LVcKap) -- C:\WINDOWS\system32\drivers\Lvckap.sys (Logitech Inc.)
DRV - (LVUVC) Logitech QuickCam Pro 5000(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\WINDOWS\system32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (LVPrcMon) -- C:\WINDOWS\system32\drivers\LVPrcMon.sys ()
DRV - (QCMerced) -- C:\WINDOWS\system32\drivers\lvcm.sys ()
DRV - (itchfltr) -- C:\WINDOWS\system32\drivers\itchfltr.sys (Logitech, Inc.)
DRV - (LHidUsb) -- C:\WINDOWS\system32\drivers\Lhidusb.sys (Logitech, Inc.)
DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys (Logitech, Inc.)
DRV - (L8042pr2) -- C:\WINDOWS\system32\drivers\L8042pr2.Sys (Logitech, Inc.)
DRV - (LHidFlt2) -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys (Logitech, Inc.)
DRV - (AIRPLUS) -- C:\WINDOWS\system32\drivers\AIRPLUS.SYS (D-Link)
DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Roxio)
DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Roxio)
DRV - (OMCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS (Dell Computer Corporation)
DRV - (BCMModem) -- C:\WINDOWS\system32\drivers\BCMDM.sys (BCM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-790525478-515967899-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dk.msn.com/
IE - HKU\S-1-5-21-790525478-515967899-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.live.com/ [binary data]
IE - HKU\S-1-5-21-790525478-515967899-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-790525478-515967899-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://dk.msn.com/
IE - HKU\S-1-5-21-790525478-515967899-725345543-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-790525478-515967899-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-790525478-515967899-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Programmer\AVG\AVG10\Firefox\ [2010-12-28 07:27:52 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011-02-12 07:18:35 | 000,429,847 | R--- | M]) - C:\WINDOWS\System32\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 127.0.0.1    www.007guard.com
O1 - Hosts: 127.0.0.1    007guard.com
O1 - Hosts: 127.0.0.1    008i.com
O1 - Hosts: 127.0.0.1    www.008k.com
O1 - Hosts: 127.0.0.1    008k.com
O1 - Hosts: 127.0.0.1    www.00hq.com
O1 - Hosts: 127.0.0.1    00hq.com
O1 - Hosts: 127.0.0.1    010402.com
O1 - Hosts: 127.0.0.1    www.032439.com
O1 - Hosts: 127.0.0.1    032439.com
O1 - Hosts: 127.0.0.1    www.0scan.com
O1 - Hosts: 127.0.0.1    0scan.com
O1 - Hosts: 127.0.0.1    www.1000gratisproben.com
O1 - Hosts: 127.0.0.1    1000gratisproben.com
O1 - Hosts: 127.0.0.1    www.1001namen.com
O1 - Hosts: 127.0.0.1    1001namen.com
O1 - Hosts: 127.0.0.1    www.100888290cs.com
O1 - Hosts: 127.0.0.1    100888290cs.com
O1 - Hosts: 127.0.0.1    www.100sexlinks.com
O1 - Hosts: 127.0.0.1    100sexlinks.com
O1 - Hosts: 127.0.0.1    10sek.com
O1 - Hosts: 127.0.0.1    www.10sek.com
O1 - Hosts: 127.0.0.1    1-2005-search.com
O1 - Hosts: 127.0.0.1    www.1-2005-search.com
O1 - Hosts: 14799 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-790525478-515967899-725345543-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-515967899-725345543-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-515967899-725345543-1003\..\Toolbar\WebBrowser: (no name) - {BC04B34E-5DD8-465A-A5E0-86F7C11BC009} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-515967899-725345543-1003\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-515967899-725345543-1003\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Programmer\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Lexmark X74-X75] C:\Programmer\Lexmark X74-X75\lxbbbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [siService.exe] C:\Programmer\GIANT Company Software\Spam Inspector\siService.exe (GIANT Company Software, inc.)
O4 - HKLM..\Run: [zBrowser Launcher] C:\program files\Logitech\iTouch\iTouch.exe (Logitech Inc.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] c:\Programmer\Fælles filer\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] c:\Programmer\Fælles filer\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-790525478-515967899-725345543-1003..\Run: [DellSupport] C:\Programmer\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\S-1-5-21-790525478-515967899-725345543-1003..\Run: [NvMediaCenter] C:\WINDOWS\System32\NVMCTRAY.DLL (NVIDIA Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programmer\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\Digimax Viewer 2.1 (2).lnk = C:\Programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe (STOIK Imaging (www.stoik.com))
O4 - Startup: C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\Digimax Viewer 2.1.lnk = C:\Programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe (STOIK Imaging (www.stoik.com))
O4 - Startup: C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\McAfee Security Scan Plus.lnk = C:\Programmer\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-515967899-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O12 - Plugin for: .mov - C:\Programmer\Internet Explorer\PLUGINS\npqtplugin.dll (Apple Computer, Inc.)
O12 - Plugin for: .mpeg - C:\Programmer\Internet Explorer\PLUGINS\npqtplugin3.dll (Apple Computer, Inc.)
O12 - Plugin for: .tif - C:\Programmer\Internet Explorer\PLUGINS\npqtplugin5.dll (Apple Computer, Inc.)
O15 - HKU\S-1-5-21-790525478-515967899-725345543-1003\..Trusted Domains:  ([]msn in My Computer)
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} https://www.basisbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab (Reg Error: Key error.)
O16 - DPF: {11818680-FCF6-11D0-9808-0800092A4865} http://www.kps.dk/Codebase/FormCtl.cab (Reg Error: Key error.)
O16 - DPF: {1469FF24-47F6-11D2-8805-006008C537E3} http://www.kps.dk/codebase/ffmail.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab (Reg Error: Key error.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6886.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127924061312 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {92EB6641-286A-11D2-A68E-00A0C996A6DD} http://www.kps.dk/codebase/jfsignature.cab (Reg Error: Key error.)
O16 - DPF: {AD90E8D1-3B47-11D2-A696-00A0C996A6DD} http://www.kps.dk/codebase/jfcrypto.cab (Reg Error: Key error.)
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab (F-Secure Health Check 1.1)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} http://www.kps.dk/codebase/scriptobject.cab (Reg Error: Key error.)
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab (e-Safekey)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} http://www.kps.dk/codebase/fontinstaller.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.61.130.1 62.61.131.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Programmer\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmer\Fælles filer\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmer\Fælles filer\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O24 - Desktop Components:0 (Min aktuelle startside) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Elsebet Rasmussen\Lokale indstillinger\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Elsebet Rasmussen\Lokale indstillinger\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (37449782653878272)

========== Files/Folders - Created Within 30 Days ==========

[2011-04-07 13:14:29 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\OTL.exe
[2011-04-07 12:59:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-04-07 12:59:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menuen Start\Programmer\Malwarebytes' Anti-Malware
[2011-04-07 12:59:35 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-04-07 12:58:16 | 007,734,208 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\mbam-setup-1.50.1.1100.exe
[2011-04-07 10:36:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Elsebet Rasmussen\Recent
[2011-04-07 05:07:01 | 000,000,000 | ---D | C] -- C:\Programmer\NOS
[2011-04-07 05:07:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2011-04-07 05:07:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menuen Start\Programmer\McAfee Security Scan Plus
[2011-04-07 05:07:00 | 000,000,000 | ---D | C] -- C:\Programmer\McAfee Security Scan
[2011-04-07 05:07:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2011-03-29 16:47:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Elsebet Rasmussen\.oces2
[2011-03-09 12:54:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\McAfee
[8 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-04-07 18:33:57 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\SystemLook.exe
[2011-04-07 13:14:29 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\OTL.exe
[2011-04-07 12:59:52 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivebord\Malwarebytes' Anti-Malware.lnk
[2011-04-07 12:58:25 | 007,734,208 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\mbam-setup-1.50.1.1100.exe
[2011-04-07 12:36:56 | 000,000,841 | ---- | M] () -- C:\WINDOWS\LEXSTAT.INI
[2011-04-07 11:21:31 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\dds.pif
[2011-04-07 11:20:02 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\dds.scr
[2011-04-07 10:37:23 | 000,030,848 | ---- | M] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\cc_20110407_103719.reg
[2011-04-07 10:22:05 | 000,000,739 | ---- | M] () -- C:\WINDOWS\STImgBrowser.INI
[2011-04-07 10:16:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-04-07 10:14:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-04-07 10:14:52 | 535,891,968 | -HS- | M] () -- C:\hiberfil.sys
[2011-04-07 10:14:13 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011-04-07 02:18:56 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-04-06 22:48:09 | 000,001,585 | ---- | M] () -- C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\McAfee Security Scan Plus.lnk
[2011-04-06 22:48:08 | 000,001,593 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivebord\McAfee Security Scan Plus.lnk
[2011-04-06 18:33:54 | 111,798,862 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011-04-04 09:47:38 | 000,000,249 | ---- | M] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\Google.url
[2011-03-27 06:26:09 | 000,488,616 | ---- | M] () -- C:\WINDOWS\System32\perfh006.dat
[2011-03-27 06:26:09 | 000,470,484 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-03-27 06:26:09 | 000,090,482 | ---- | M] () -- C:\WINDOWS\System32\perfc006.dat
[2011-03-27 06:26:09 | 000,077,348 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-03-24 12:54:28 | 000,001,714 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivebord\Adobe Reader 9.lnk
[8 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-04-07 18:33:57 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\SystemLook.exe
[2011-04-07 12:59:52 | 000,000,763 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivebord\Malwarebytes' Anti-Malware.lnk
[2011-04-07 11:21:30 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\dds.pif
[2011-04-07 11:19:39 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\dds.scr
[2011-04-07 10:37:21 | 000,030,848 | ---- | C] () -- C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\cc_20110407_103719.reg
[2011-04-07 05:18:19 | 535,891,968 | -HS- | C] () -- C:\hiberfil.sys
[2011-04-06 22:48:09 | 000,001,585 | ---- | C] () -- C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\McAfee Security Scan Plus.lnk
[2011-04-06 22:48:08 | 000,001,593 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivebord\McAfee Security Scan Plus.lnk
[2010-10-21 23:49:28 | 000,284,304 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\FontCache3.0.0.0.dat
[2010-07-27 22:46:25 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009-11-05 10:34:58 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009-08-05 08:14:45 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009-08-03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009-08-03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2007-07-18 17:42:42 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2006-05-28 21:08:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Elsebet Rasmussen\Application Data\dm.ini
[2006-01-27 00:16:15 | 000,026,958 | ---- | C] () -- C:\Programmer\MovieLand Terms.html
[2006-01-19 12:59:51 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2005-12-07 13:10:13 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
[2005-11-09 13:22:59 | 000,058,163 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2005-11-09 10:58:33 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini
[2005-11-09 10:56:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
[2005-09-28 17:40:55 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005-09-28 09:49:23 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2005-09-28 09:48:57 | 001,317,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys
[2005-09-01 14:11:52 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys
[2005-02-04 15:36:19 | 000,000,739 | ---- | C] () -- C:\WINDOWS\STImgBrowser.INI
[2004-10-17 10:32:34 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-09-01 22:15:06 | 000,003,437 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004-09-01 22:15:02 | 000,000,045 | ---- | C] () -- C:\WINDOWS\EDHDGNPL.ini
[2004-01-30 08:28:01 | 000,000,033 | ---- | C] () -- C:\WINDOWS\LVMMail.INI
[2003-12-22 23:57:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\frontpg.ini
[2003-12-22 23:55:43 | 000,012,127 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2003-12-22 23:55:39 | 000,059,321 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2003-12-22 23:55:38 | 000,015,010 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2003-12-22 23:55:27 | 000,017,713 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2003-12-22 23:45:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003-12-20 19:20:56 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Elsebet Rasmussen\Lokale indstillinger\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003-12-18 11:29:27 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\AthUnIns.exe
[2003-10-06 15:16:00 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll
[2003-08-20 20:49:41 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003-07-23 01:18:16 | 000,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2003-06-21 13:05:03 | 000,000,724 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003-06-21 12:42:06 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003-06-21 12:41:16 | 000,154,768 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003-06-21 12:29:23 | 000,000,841 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2003-06-21 12:23:45 | 000,033,708 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLANGEN.bin
[2003-06-21 12:23:45 | 000,000,964 | ---- | C] () -- C:\WINDOWS\System32\drivers\RADIO11.BIN
[2003-06-21 12:23:45 | 000,000,964 | ---- | C] () -- C:\WINDOWS\System32\drivers\AIRPLUS.BIN
[2003-06-21 12:23:45 | 000,000,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\RADIO0d.BIN
[2003-06-21 11:57:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2003-06-21 11:52:27 | 000,021,644 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2003-05-16 05:30:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[2003-02-26 16:47:14 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\MimicICM.dll
[2002-10-14 22:39:18 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\lxbbcoin.ini
[2001-10-09 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-10-09 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-10-09 14:00:00 | 000,488,616 | ---- | C] () -- C:\WINDOWS\System32\perfh006.dat
[2001-10-09 14:00:00 | 000,470,484 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-10-09 14:00:00 | 000,284,912 | ---- | C] () -- C:\WINDOWS\System32\perfi006.dat
[2001-10-09 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-10-09 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-10-09 14:00:00 | 000,090,482 | ---- | C] () -- C:\WINDOWS\System32\perfc006.dat
[2001-10-09 14:00:00 | 000,077,348 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-10-09 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-10-09 14:00:00 | 000,034,026 | ---- | C] () -- C:\WINDOWS\System32\perfd006.dat
[2001-10-09 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-10-09 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-10-09 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999-01-27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997-06-13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== Custom Scans ==========



< MD5 for: EXPLORER.EXE  >
[2008-04-14 18:05:49 | 001,034,752 | ---- | M] (Microsoft Corporation) MD5=1D9BD1CAA1E4CF63370F201DF742DC7D -- C:\WINDOWS\explorer.exe
[2008-04-14 18:05:49 | 001,034,752 | ---- | M] (Microsoft Corporation) MD5=1D9BD1CAA1E4CF63370F201DF742DC7D -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008-04-14 18:05:49 | 001,034,752 | ---- | M] (Microsoft Corporation) MD5=1D9BD1CAA1E4CF63370F201DF742DC7D -- C:\WINDOWS\system32\dllcache\explorer.exe
[2007-06-13 15:10:54 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=9D7A9E7F4A89AA43D108C4E4C153B561 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007-06-13 15:22:35 | 001,034,240 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: MSVBVM60.DLL  >
[2008-04-14 18:05:27 | 001,384,479 | ---- | M] (Microsoft Corporation) MD5=6D2AB3688346D6710C3678A659BA154B -- C:\WINDOWS\ServicePackFiles\i386\msvbvm60.dll
[2004-08-27 02:53:39 | 001,392,671 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\$NtServicePackUninstall$\msvbvm60.dll
[2008-04-14 18:05:27 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll

< MD5 for: SFC.DLL  >
[2008-04-14 18:05:31 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=2EE3F794D81AA928C689E1827EB4B88D -- C:\WINDOWS\ServicePackFiles\i386\sfc.dll
[2008-04-14 18:05:31 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=2EE3F794D81AA928C689E1827EB4B88D -- C:\WINDOWS\system32\sfc.dll
[2004-08-27 02:53:43 | 000,005,120 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\$NtServicePackUninstall$\sfc.dll

< MD5 for: SVCHOST.EXE  >
[2008-04-14 18:06:03 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=555F8F4CB284FE94059DCACF6074F9EC -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008-04-14 18:06:03 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=555F8F4CB284FE94059DCACF6074F9EC -- C:\WINDOWS\system32\svchost.exe
[2004-08-27 02:53:54 | 000,014,336 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE  >
[2008-04-14 18:06:05 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7B3770DB760FBBA068454EAFCAA89772 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008-04-14 18:06:05 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7B3770DB760FBBA068454EAFCAA89772 -- C:\WINDOWS\system32\userinit.exe
[2004-08-27 02:53:54 | 000,024,576 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE  >
[2008-04-14 18:06:06 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=E0339362391BF6AC04D1622EF8E3A61B -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 18:06:06 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=E0339362391BF6AC04D1622EF8E3A61B -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 18:06:06 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=E0339362391BF6AC04D1622EF8E3A61B -- C:\WINDOWS\system32\winlogon.exe
[2004-08-27 02:53:54 | 000,502,272 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

<  >

<  >

========== Alternate Data Streams ==========

@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

pludselig ligger der en fil på skrivebordet som hedder : THUMBS - står at det er en databasefil. ? En som er kommet frem af ovenstående ? (Den er ny)

Vil du godt hente denne:
http://download.avg.com/filedir/util/support/avg_remover_stf_x86_2011_1184.exe

Du skal ikke bruge den endnu.

Start OTL

Kopier nedenstånde med fed skrift ind i feltet "Custom Scans/Fixes"


:Services
MpKsl0b726d7d
MpKsl52b55fb1
MpKsl5499abb6
MpKsl7d8878f7
MpKsl87ce3081
MpKsl995e0ded
MpKslb11a5f2a
MpKsldd943149
MpKsle0a39605
MpKslf7318f54

:files
ipconfig /flushdns /c

:Commands
[purity]
[emptytemp]
[CREATERESTOREPOINT]
[EMPTYFLASH]
[Reboot]

Luk alle andre åbne vinduer og klik på "Run Fix"

Efter genstart åbnes en logfil, kopier den tekst herind i denne tråd.

Ellers ligger den her: C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log

Hej igen F-arn.

Jeg ken ikke helt gennemskue hvad årsagen/problemet er med denne pc. Hvad er din mening om det?? Virus? Skader efter? Elller?

Der mangler nogle filer, og nogle drivere/services skal fjernes.

Fik du hentet den fil?

Kan du geninstallere AVG, når den bli'r fjernet?

Ja, filen hentet.

Jeg kunne jo lige hentet avg - til senere installation. Så ligger den klar - og jeg kører ikke så længe UDEN virusbeskyttelse. Fjerne Macafee?

Her All processes killed
========== SERVICES/DRIVERS ==========
Service MpKsl0b726d7d stopped successfully!
Service MpKsl0b726d7d deleted successfully!
Service MpKsl52b55fb1 stopped successfully!
Service MpKsl52b55fb1 deleted successfully!
Service MpKsl5499abb6 stopped successfully!
Service MpKsl5499abb6 deleted successfully!
Service MpKsl7d8878f7 stopped successfully!
Service MpKsl7d8878f7 deleted successfully!
Service MpKsl87ce3081 stopped successfully!
Service MpKsl87ce3081 deleted successfully!
Service MpKsl995e0ded stopped successfully!
Service MpKsl995e0ded deleted successfully!
Service MpKslb11a5f2a stopped successfully!
Service MpKslb11a5f2a deleted successfully!
Service MpKsldd943149 stopped successfully!
Service MpKsldd943149 deleted successfully!
Service MpKsle0a39605 stopped successfully!
Service MpKsle0a39605 deleted successfully!
Service MpKslf7318f54 stopped successfully!
Service MpKslf7318f54 deleted successfully!
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP-konfiguration
DNS Resolver Cache kunne ikke tømmes: Funktionen mislykkedes under udførelsen.
C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\cmd.bat deleted successfully.
C:\Documents and Settings\Elsebet Rasmussen\Skrivebord\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 24890869 bytes
->Temporary Internet Files folder emptied: 134 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Elsebet Rasmussen
->Temp folder emptied: 141983128 bytes
->Temporary Internet Files folder emptied: 3726063 bytes
->Java cache emptied: 29627 bytes
->Flash cache emptied: 6878 bytes

User: Gæst
->Temp folder emptied: 17594400 bytes
->Temporary Internet Files folder emptied: 4725664 bytes
->Java cache emptied: 104838 bytes
->Flash cache emptied: 1388 bytes

User: Hjælpeassistent
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Jens Rasmussen
->Temp folder emptied: 148005075 bytes
->Temporary Internet Files folder emptied: 5321109 bytes
->Java cache emptied: 31880 bytes
->Google Chrome cache emptied: 9610204 bytes
->Flash cache emptied: 1932 bytes

User: Lars

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 14902374 bytes

User: NetworkService
->Temp folder emptied: 2603884 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1158232 bytes
%systemroot%\System32 .tmp files removed: 121956 bytes
%systemroot%\System32\dllcache .tmp files removed: 11278848 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1339830 bytes
RecycleBin emptied: 6216889 bytes

Total Files Cleaned = 376,00 mb

Restore point Set: OTL Restore Point (0)

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: Elsebet Rasmussen
->Flash cache emptied: 0 bytes

User: Gæst
->Flash cache emptied: 0 bytes

User: Hjælpeassistent

User: Jens Rasmussen
->Flash cache emptied: 0 bytes

User: Lars

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Error: Unable to interpret <[Reboot> in the current context!

OTL by OldTimer - Version 3.2.22.3 log created on 04072011_202040

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
kommer log (OTL)
IExplorer kører meget hurtigere nu - MUSEN er helt flippet og låser meget.
:

Min far vil IKKE have AVG på igen - Microsoft har en ny sikkerhedspakke som han hellere vil have på. Kender du den?

- Og kan jeg godt installere selv. Vil lige køre en F-secure online scan før jeg sætter MS-virusbesk. på.

- Hvis/når jeg kan køre F.-secure igen.

http://www.microsoft.com/da-dk/security_essentials/default.aspx

Jeg går udfra det er den.

Afbryd nettet

Afinstaller AVG

Kør avg_remover_stf_x86_2011_1184.exe

Installer Microsoft Security Essentials

Tilslut nettet

------

Hent og gem ComboFix på dit skrivebord.

Højreklik på skrivebordet og vælg ny->tekstdokument og kopier det fremhævede ind og gem filen som CFScript

Killall::
Snapshot::

Da Combofix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem.

Tag så fat i den nye fil med musen, og før den hen over ComboFix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/billeder/cfscript.gif

Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt som ligger her C:\Combofix.txt

Indholdet af denne fil må du gerne lægge herind.

Mange tak.

AVG afinstalleret - skal jeg genstarte FØR jeg kører AVG-remover?

spørger idet den gik i tom skærm - da jeg afinstallerede igår og genstartede...måtte gendanne for at komme ind igen.

Jeg genstarter...

Øh...Der kommer en sort firkant med C:windoes/system32/cmd.exe OG kurseren står og blinker derinde.

Kommer en advarsel: Windoes kan ikke finde...www.special-uninstattation-feedback...

Og så kan jeg klikke ok - men NU går den ind på Iexplorer - som jo er koblet fra...

Skriver jeg bare ok og går ud og laver agv remover ????

Gør jeg...

Så er jeg klar til at køre Combofix - men jeg er lidt i tvivl om hvordan jeg slårt sikkerhedsprogrammer fra???

FØR JEG INST. ms security (efter avg remover) var musen helt normal igen - men efter driller den med at låse igen - ??

Jeg kender ikke Microsoft Security Essentials, men den plejer ikke at gi' problemer ved kørsl af ComboFix.
Hvos du klikker på ikonet nede ved uret, kan du måske deaktivere den.

Nu kører den:-)

Du skal vide at jeg er SÅ TAKNEMMELIG for den helt ubeskrivelig hjælp du har giver mig - jeg ved næsten ikke hvordan jeg skal kunne takke dig nok. TUSINDE tak!!!

Hej igen.

Nu har den kørt Combofix færdigt. Den ville genstarte. Lukkede ned og startede op - og nu står den låst ved login - altså klik på dit brugernavn - men den er LÅST???

Og så prøvede jeg lige den trådløse mus - og den virker vist.

- men tastaturet vil ikke skrive - ?

Hvad mon der sker her?

nåh - da jeg kom ind var den ikke færdig.

Der skete det at windows pludselig var igang med at installere Logitech webcam - Jeg rørte ikke ved det da jeg så at combofix var åben og ved at lave logfil. Webcam blev inst. samtidig. Jeg var nødt til at gå ind på en anden konto idet tastaturet ikke virker mere - ??

Jeg kan ikke komme ind på MS security - der kommer bare en sort skærm som blinker et sekund og væk igen (samme str. som combofix-finduet) Så jeg kan ikke få virus sat igang igen.

Og jeg kan heller ikke komme ind på iexplorer - ??

Nu kan jeg jo kun komme ind på den konto Jens som der ikke er password på idet den anden konto hvor jeg har lavet alt det andet fra bruger password og jeg kan ikke skrive det.

Logfilen skal jeg jo ind på nettet for at sende til dig.

Så ligenu ved jeg ikke hvordan jeg kommer videre - ??

VH Marianne

Prøv lige at genstarte i Fejlsikret tilstand. Så må vi se på det i morgen. Jrg er for træt til at fortsætte.

Hej og ok. Mange tusinde tak for alt indtil nu. prøver fejlsikret tilstand.

Hej. Jeg kan ikke starte i fejlsikret idet tastaturet ikke virker. Og dermed F8 ejheller.

MEN nu nattesøvn - så vender jeg tilbage imorgen.

Mange tak for nu!!!

VH Marianne

Hvad er det for en PC?

Kan du kold boote til Fejlsikret tilstand med kommandoprompt?

Det er Dell.

Der var sket det at tastatur og mus (med ledning) ikke virker - men der havde tidl. været trådløs mus og tastatur - og det virker - ?? Noget med det Logitech at gøre...

MEN når jeg starter den op - med det andet tastatur som nu virker - kan jeg ikke få den i fejlsikret ved F8...

Det er mærkeligt. Den kørte rigtig, rigtig godt efter avg remover og før ms security.

Mon jeg skal se om jeg kan gendanne fra før det? Noget må jo være sket derimellem.

Fejlsirket fra komandoprompt - hvordan gøres det. Når den er ved at starte op reagerer den SLET ikke på F8.

Tjekkede lige med CC - der ligger en del den gerne vil rense - men har ikke sat den igang med det. Da jeg ikke lige ved om det er ok på nuvlrende?

Når jeg forsøger at genstarte - for at forsøge fejlsikret - kommer der hver gang: Lukning af DDE server window - ?

Du skal ikke lave nogen ændringer lige nu. Vender tilbage om lidt!

Som udgangspunkt er der sket ngoet med det logitech - der er installeret noget omrking det som ikke har været der før. Bla. er der nogle genvejstaster som ligger på F-knapperne og tror kan være det der er galt med F8. Der ligger noget som hedder iTouch på værkstøjslinien.

MEN...det er det eneste tastatur og mus som ligenu virker...

Slet den ComboFix du har!


1. Hent dette lille værktøj: (hvis du har slettet det)

http://jpshortstuff.247fixes.com/SystemLook.exe
http://images.malwareremoval.com/jpshortstuff/SystemLook.exe (alternativ adresse)

2. Dobbeltklik på systemlook.exe - nu dukker der et lille vindue op, hvor du skal kopiere HELE indholdet med fed skrift ind:

:dir
%systemdrive%
%systemdrive%\Qoobox /s

3. Luk så alle andre vinduer og klik på knappen Look. Programmet vil nu lede på din computer.

4. Når programmet er færdig med at lede, vil der dukke et notepad-vindue op, med en log fra SystemLook. Den skal du kopiere herind i forum i dit næste svar. Log'en kan også findes på dit Skrivebord med navnet: SystemLook.txt.

OK

Er det kun selve Combofix som jeg sletter - program eller fil - ikke den log den har lavet?

Argh...Havde smidt det over i papirkurven - men den er så tømt i alt det her:-( Øv..

Jeg kan jo ikke gå på nettet på den pc.

Må vist ned og købe et usb stick - jeg kan vel hente det til min egen bærbare og lægge det over via et usb stick?

Kun ComboFox.exe, ikke andet. Jeg vil meget gerne se loggen.

Hvis den har lavet en C:\Qoobox\ComboFix-quarantined-files.txt vil jeg også gerne se den!

Der ligger iøvrigt slet ingen combofix mere - den har da vist sletet sig selv...

Der er ikke adgang til nettet fra min fars pc - iexplorer virker heller ikke jo..

Jeg er nødt til at smutte ud og købe et usb stik - så kan jeg hente det - får det herover på min pc og videre til dig...

HVIS det virker på den anden pc at få det kopieret derover...

Den er rimelig meget ude af drift..

Er det IKKE løsningen at jeg finder et usbstik (men kan jeg få den gamle pc til at virke med at få det kopieret over derpå) ??


Er det helt UMULIGT at gendenne til FØR vi lagde microsoft virusprg. ind ??? Der er et gendannelspunkt der.

Nu er jeg ikke - slet slet ikke - ekspert som jeg ved du er :-) - Men jeg spørger lige:

Kan jeg gendanne derfra - vente med at installere microsoft virusprogram..Køre Combofix FØR jeg inst. det nye viruspogram..

ELLER det dette IKKE en mulighed?

Jeg har denne combofix-guarantined txt fil på pcen.

Jeg vil gerne se hvad ComboFix har lavet, før jeg siger noget om det.

(FIK det over på min pc via en mail - mailsys virker...)

Her er combofix:
2011-04-07 21:30:57 . 2011-04-07 21:30:57            1,020 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\AddRemove-Windows Media Format Runtime.reg.dat
2011-04-07 21:30:57 . 2011-04-07 21:30:57              900 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\AddRemove-WebCyberCoach_wtrb.reg.dat
2011-04-07 21:30:57 . 2011-04-07 21:30:57            1,286 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\AddRemove-KB870669.reg.dat
2011-04-07 21:30:30 . 2011-04-07 21:30:30              542 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\SafeBoot-MsMpSvc.reg.dat
2011-04-07 21:30:21 . 2011-04-07 21:30:21              162 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-MSC.reg.dat
2011-04-07 21:30:21 . 2011-04-07 21:30:21              151 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-Lexmark X74-X75.reg.dat
2011-04-07 21:30:20 . 2011-04-07 21:30:20              171 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829}.reg.dat
2011-04-07 21:10:50 . 2011-04-07 21:10:50              414 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_StarOpen.reg.dat
2011-04-07 21:10:50 . 2011-04-07 21:10:50            2,376 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_smwdm.reg.dat
2011-04-07 21:10:50 . 2011-04-07 21:10:50            2,082 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_QCMerced.reg.dat
2011-04-07 21:10:50 . 2011-04-07 21:10:50            2,478 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_OMCI.reg.dat
2011-04-07 21:10:50 . 2011-04-07 21:10:50            2,710 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_NVSvc.reg.dat
2011-04-07 21:10:50 . 2011-04-07 21:10:50            3,664 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_nosGetPlusHelper.reg.dat
2011-04-07 21:10:49 . 2011-04-07 21:10:49            6,794 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_MsMpSvc.reg.dat
2011-04-07 21:10:49 . 2011-04-07 21:10:49            4,420 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_MpKsl097c72b7.reg.dat
2011-04-07 21:10:49 . 2011-04-07 21:10:49            3,442 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_MpFilter.reg.dat
2011-04-07 21:10:49 . 2011-04-07 21:10:49            2,444 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_LVUVC.reg.dat
2011-04-07 21:10:49 . 2011-04-07 21:10:49            2,498 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_lvpopflt.reg.dat
2011-04-07 21:10:43 . 2011-04-07 21:10:43            2,534 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_itchfltr.reg.dat
2011-04-07 21:10:43 . 2011-04-07 21:10:43            3,590 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_fsssvc.reg.dat
2011-04-07 21:10:43 . 2011-04-07 21:10:43            3,596 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_fssfltr.reg.dat
2011-04-07 21:10:43 . 2011-04-07 21:10:43            2,578 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_FilterService.reg.dat
2011-04-07 21:10:43 . 2011-04-07 21:10:43            2,590 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_AIRPLUS.reg.dat
2011-04-07 21:10:43 . 2011-04-07 21:10:43            2,412 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Service_aeaudio.reg.dat
2011-04-07 21:10:43 . 2011-04-07 21:10:43            1,334 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Legacy_OMCI.reg.dat
2011-04-07 21:10:43 . 2011-04-07 21:10:43            1,048 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Legacy_NVSvc.reg.dat
2011-04-07 21:10:43 . 2011-04-07 21:10:43              882 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Legacy_nosGetPlusHelper.reg.dat
2011-04-07 21:10:43 . 2011-04-07 21:10:43            1,136 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Legacy_MsMpSvc.reg.dat
2011-04-07 21:10:43 . 2011-04-07 21:10:43            1,226 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Legacy_MpKsl097c72b7.reg.dat
2011-04-07 21:10:43 . 2011-04-07 21:10:43            1,158 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Legacy_MpFilter.reg.dat
2011-04-07 21:10:43 . 2011-04-07 21:10:43              830 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Legacy_fsssvc.reg.dat
2011-04-07 21:10:43 . 2011-04-07 21:10:43            1,262 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Legacy_fssfltr.reg.dat
2011-04-07 21:09:29 . 2011-04-07 21:09:29              790 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Legacy_SSHNAS.reg.dat
2011-04-07 21:09:29 . 2011-04-07 21:09:29              892 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Legacy_MYWEBSEARCHSERVICE.reg.dat
2011-04-07 21:09:29 . 2011-04-07 21:09:29              798 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\Legacy_ISEXENG.reg.dat
2011-04-07 21:09:22 . 2011-04-07 21:09:22            9,582 ----a-w-  C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2011-04-07 21:00:57 . 2011-04-07 21:00:57                0 ----a-w-  C:\Qoobox\Quarantine\catchme.txt
2011-04-07 20:45:21 . 2011-04-07 20:54:04              102 ----a-w-  C:\Qoobox\Quarantine\catchme.log
2011-04-07 20:19:45 . 2011-04-07 20:19:45          28,752 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C351BD04-A8F8-413D-89E3-216909E2317C}\MpKsl097c72b7.sys.vir
2011-04-07 20:13:52 . 2011-04-07 20:13:55        4,345,411 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Skrivebord\banan.exe.vir
2011-04-07 19:31:50 . 2011-04-07 19:31:50        8,119,328 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Skrivebord\mseinstall.exe.vir
2011-04-07 18:17:49 . 2011-04-07 18:17:51        1,090,912 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Skrivebord\avg_remover_stf_x86_2011_1184.exe.vir
2011-04-07 16:33:57 . 2011-04-07 16:33:57          75,264 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Skrivebord\SystemLook.exe.vir
2011-04-07 11:14:29 . 2011-04-07 11:14:29          580,608 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Skrivebord\OTL.exe.vir
2011-04-07 10:58:16 . 2011-04-07 10:58:25        7,734,208 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Skrivebord\mbam-setup-1.50.1.1100.exe.vir
2011-04-07 09:21:30 . 2011-04-07 09:21:31          625,664 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Skrivebord\dds.pif.vir
2011-04-07 09:19:39 . 2011-04-07 09:20:02          625,664 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Skrivebord\dds.scr.vir
2011-04-06 20:47:27 . 2011-04-06 20:47:30        1,025,992 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\SecurityScan_Release.exe.vir
2011-04-06 20:46:17 . 2011-03-01 07:56:36          52,288 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\NOS\bin\getPlus_Helper_3004.dll.vir
2011-03-12 11:28:40 . 2011-03-12 11:28:40          103,864 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll.vir
2011-03-12 11:28:40 . 2011-03-12 11:28:40          103,864 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll.vir
2011-03-12 11:28:40 . 2011-03-12 11:28:40          103,864 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\PLUGINS\nppdf32.dll.vir
2011-02-16 11:07:06 . 2011-02-16 11:07:06          374,784 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\System.Windows.Browser.ni.dll.vir
2011-02-16 11:06:52 . 2011-02-16 11:06:52          138,240 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\System.ServiceModel.Web.ni.dll.vir
2011-02-16 11:06:48 . 2011-02-16 11:06:48          844,288 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\System.Xml.ni.dll.vir
2011-02-16 11:06:46 . 2011-02-16 11:06:46          652,288 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\System.Net.ni.dll.vir
2011-02-16 11:06:36 . 2011-02-16 11:06:36          665,088 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\System.ni.dll.vir
2011-01-31 08:44:46 . 2011-01-31 08:44:46          353,712 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Adobe\Reader 9.0\Reader\AcroRd32.exe.vir
2011-01-31 08:44:43 . 2011-01-31 08:44:43          35,760 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Adobe\Reader 9.0\Reader\reader_sl.exe.vir
2011-01-31 04:19:00 . 2011-01-31 04:19:00          784,384 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Adobe\Reader 9.0\Reader\ACE.dll.vir
2011-01-31 00:59:43 . 2011-01-31 00:59:43          550,360 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe.vir
2011-01-30 23:26:14 . 2011-01-30 23:26:14          251,296 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Adobe\Reader 9.0\Reader\A3DUtility.exe.vir
2011-01-30 23:20:01 . 2011-01-30 23:20:01          280,024 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Adobe\Reader 9.0\Reader\AcroBroker.exe.vir
2011-01-30 23:16:02 . 2011-01-30 23:16:02          99,776 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Adobe\Reader 9.0\Reader\Eula.exe.vir
2011-01-30 23:01:59 . 2011-01-30 23:01:59          27,048 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe.vir
2011-01-30 23:00:37 . 2011-01-30 23:00:37          16,824 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Adobe\Reader 9.0\Reader\AcroRd32Info.exe.vir
2011-01-30 22:53:24 . 2011-01-30 22:53:24          660,912 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroPDF.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50          253,952 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\Microsoft.VisualBasic.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50          536,576 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\System.Core.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50          233,472 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\system.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50          225,280 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\System.Net.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50          413,696 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\System.Runtime.Serialization.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50          520,192 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\System.ServiceModel.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50          73,728 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\System.ServiceModel.Web.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50          143,360 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\System.Windows.Browser.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50          319,488 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\System.Xml.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ar\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ar\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ar\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ar\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\bg\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            5,120 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\bg\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\bg\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\bg\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ca\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ca\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ca\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ca\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\cs\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\cs\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\cs\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\cs\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\da\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\da\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\da\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\da\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\de\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\de\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\de\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\de\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\el\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            5,120 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\el\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\el\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\el\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\es\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\es\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\es\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\es\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\et\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\et\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\et\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\et\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\eu\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\eu\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\eu\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\eu\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\fi\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\fi\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\fi\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\fi\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\fr\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\fr\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\fr\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\fr\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\he\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\he\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\he\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\he\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\hr\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\hr\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\hr\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\hr\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\hu\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\hu\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\hu\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\hu\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\id\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\id\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\id\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\id\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\it\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\it\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\it\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\it\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ja\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ja\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ja\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ja\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ko\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ko\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ko\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ko\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\lt\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\lt\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\lt\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\lt\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\lv\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\lv\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\lv\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\lv\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ms\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ms\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ms\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ms\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\nl\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\nl\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\nl\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\nl\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\no\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\no\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\no\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\no\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\pl\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\pl\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\pl\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\pl\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\pt\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\pt\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\pt\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\pt\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\pt-BR\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\pt-BR\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\pt-BR\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\pt-BR\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ro\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ro\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ro\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ro\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ru\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            5,120 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ru\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ru\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\ru\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sk\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sk\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sk\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sk\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sl\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sl\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sl\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sl\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sr-Cyrl-CS\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            5,120 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sr-Cyrl-CS\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sr-Cyrl-CS\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sr-Cyrl-CS\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sr-Latn-CS\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sr-Latn-CS\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sr-Latn-CS\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sr-Latn-CS\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sv\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sv\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sv\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\sv\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\th\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            5,120 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\th\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\th\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\th\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\tr\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\tr\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\tr\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\tr\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\uk\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            5,120 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\uk\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\uk\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\uk\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\vi\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\vi\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\vi\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\vi\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\zh-Hans\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\zh-Hans\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            3,584 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\zh-Hans\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            3,584 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\zh-Hans\system.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,096 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\zh-Hant\Microsoft.VisualBasic.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\zh-Hant\mscorlib.resources.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            3,584 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\zh-Hant\mscorrc.dll.vir
2011-01-29 01:06:50 . 2011-01-29 01:06:50            4,608 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\zh-Hant\system.resources.dll.vir
2011-01-28 23:18:58 . 2011-01-28 23:18:58          73,552 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Silverlight\4.0.60129.0\coregen.exe.vir
2011-01-10 12:06:24 . 2011-01-10 12:06:24          464,272 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\Downloaded Program Files\wlscBase.dll.vir
2010-11-30 11:20:36 . 2010-11-30 11:20:36          997,408 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Security Client\msseces.exe.vir
2010-11-11 10:26:40 . 2010-11-11 10:26:40          11,736 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Microsoft Security Client\Antimalware\MsMpEng.exe.vir
2010-10-28 09:37:50 . 2010-10-28 09:37:50      12,248,424 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\Downloaded Program Files\GarminAxControl.ocx.vir
2010-10-24 19:25:38 . 2010-10-24 19:25:38          165,264 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\MpFilter.sys.vir
2010-10-09 11:55:00 . 2010-10-09 11:55:03        1,187,896 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Skrivebord\ccsetup236.exe.vir
2010-10-09 02:40:40 . 2010-10-09 06:37:19              72 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\mru.xml.vir
2010-07-27 20:46:25 . 2009-11-12 12:48:56            7,168 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\StarOpen.sys.vir
2010-07-15 11:10:12 . 2011-04-01 17:43:11              72 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\mru.xml.vir
2010-07-15 09:22:44 . 2011-04-04 07:21:35              72 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\mru.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\1.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\a.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\b.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\c.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\d.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\e.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\f.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\g.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\h.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\i.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\J.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\k.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\l.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\m.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\n.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\o.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\p.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\q.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\r.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\s.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\t.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\u.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\v.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\w.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\x.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\y.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\Application Data\PriceGong\Data\z.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\1.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\a.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\b.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\c.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\d.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\e.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\f.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\g.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\h.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\i.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\J.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\k.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\l.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\m.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\n.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\o.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\p.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\q.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\r.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\s.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\t.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\u.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\v.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\w.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\x.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\y.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Gæst\Application Data\PriceGong\Data\z.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\1.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\a.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\b.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\c.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\d.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\e.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\f.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\g.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\h.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\i.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\J.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\k.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\l.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\m.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\n.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\o.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\p.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\q.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\r.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\s.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\t.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\u.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\v.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\w.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\x.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\y.xml.vir
2010-05-24 06:08:18 . 2010-05-24 06:08:18              64 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\Application Data\PriceGong\Data\z.xml.vir
2010-04-28 06:44:02 . 2009-08-05 20:48:42          704,864 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Live\Family Safety\fsssvc.exe.vir
2010-04-17 00:53:08 . 2009-07-10 11:16:32          307,048 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\WLXPGSS.SCR.vir
2009-07-25 19:17:25 . 2009-08-05 20:48:42          54,752 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\fssfltr_tdi.sys.vir
2009-03-17 13:20:58 . 2009-03-17 13:20:58          16,384 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\iexplore.exe.mui.vir
2009-03-08 02:35:32 . 2010-12-20 23:52:40          743,424 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\iedvtool.dll.vir
2009-03-08 02:35:12 . 2009-03-08 02:35:12          233,984 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\jsprofilerui.dll.vir
2009-03-08 02:35:04 . 2009-03-08 02:35:04          144,384 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\ExtExport.exe.vir
2009-03-08 02:35:04 . 2010-10-18 11:10:56            7,680 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\iecompat.dll.vir
2009-03-08 02:35:04 . 2009-03-08 02:35:04          118,272 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\JSProfilerCore.dll.vir
2009-03-08 02:35:02 . 2009-03-08 02:35:02          521,216 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\jsdbgui.dll.vir
2009-03-08 02:35:02 . 2009-03-08 02:35:02          121,344 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\jsdebuggeride.dll.vir
2009-03-08 02:33:18 . 2010-12-20 23:52:41          12,800 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\xpshims.dll.vir
2009-01-07 16:20:54 . 2009-01-07 16:20:54          134,144 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\sqmapi.dll.vir
2008-10-09 15:11:54 . 2008-10-09 15:11:54        2,488,320 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\IEToolbar\Forbrugerliv XtraSaver\xtrasaverLive.dll.vir
2008-07-29 17:24:50 . 2008-07-29 17:24:50          881,664 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe.vir
2008-07-29 17:16:38 . 2008-07-29 17:16:38          132,096 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.vir
2008-07-25 09:16:40 . 2008-07-25 09:16:40          34,312 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe.vir
2007-07-19 22:39:50 . 2007-07-19 22:39:50        2,142,488 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\LVMVdrv.sys.vir
2007-07-19 22:37:56 . 2007-07-19 22:37:56        2,109,592 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\Lvckap.sys.vir
2007-07-18 15:42:42 . 2007-07-18 15:42:42          25,624 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\LVPr2Mon.sys.vir
2007-06-21 08:11:16 . 2011-04-06 02:00:24          530,832 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Live Safety Center\mpasdlta.vdm.vir
2007-06-21 08:08:36 . 2011-01-10 12:06:24          417,168 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Live Safety Center\scnPI.dll.vir
2007-06-21 08:08:28 . 2011-01-10 12:06:24          299,408 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Live Safety Center\wlscUploader.exe.vir
2007-06-21 08:08:28 . 2011-01-10 12:06:24          577,424 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Live Safety Center\scnAVAS.dll.vir
2007-06-21 08:07:46 . 2011-01-10 12:06:24          764,304 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Live Safety Center\wlscCtrl.dll.vir
2007-06-21 08:07:37 . 2011-01-10 12:06:24          424,848 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Live Safety Center\wlscCore.dll.vir
2007-05-11 15:30:04 . 2007-07-19 00:42:28        1,920,920 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\lvpopflt.sys.vir
2007-02-24 04:33:08 . 2011-04-06 14:43:12            5,120 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\Thumbs.db.vir
2006-11-19 09:07:07 . 2006-11-19 09:07:07                0 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Elsebet Rasmussen\err.log.vir
2006-11-18 23:34:28 . 2006-11-18 23:34:28                0 ----a-w-  C:\Qoobox\Quarantine\C\Documents and Settings\Jens Rasmussen\err.log.vir
2006-11-15 08:30:28 . 2006-11-15 08:30:28          198,144 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Media Player\wmpnssci.dll.vir
2006-11-15 08:30:20 . 2006-11-15 08:30:20          204,288 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Media Player\wmpnscfg.exe.vir
2006-11-15 08:30:12 . 2006-11-15 08:30:12          914,432 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Media Player\wmpnetwk.exe.vir
2006-11-07 20:03:36 . 2006-11-07 20:03:36          33,792 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\custsat.dll.vir
2006-11-07 20:03:36 . 2010-12-20 23:52:41          247,808 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\ieproxy.dll.vir
2006-10-18 19:47:22 . 2006-10-18 19:47:22          133,632 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\WPDShServiceObj.dll.vir
2006-10-18 19:47:18 . 2006-10-18 19:47:18          284,160 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\PortableDeviceApi.dll.vir
2006-10-18 19:47:18 . 2006-10-18 19:47:18          166,912 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\PortableDeviceTypes.dll.vir
2006-10-18 18:04:40 . 2006-10-18 18:04:40          493,568 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Media Player\wmdbexport.exe.vir
2006-10-18 18:04:30 . 2006-10-18 18:04:30          36,864 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Media Player\wmpshare.exe.vir
2006-09-28 17:00:34 . 2006-09-28 17:00:34          82,944 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\WudfRd.sys.vir
2006-09-28 16:56:14 . 2006-09-28 16:56:14          55,808 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\WudfSvc.dll.vir
2006-09-28 16:55:50 . 2006-09-28 16:55:50          77,568 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\WudfPf.sys.vir
2006-06-27 17:00:26 . 2006-06-27 17:00:26          410,928 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Media Player\LegitLibM.dll.vir
2005-11-09 11:22:58 . 2007-07-19 00:44:00          41,752 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\LVUSBSta.sys.vir
2005-11-09 11:22:58 . 2007-07-19 00:44:22        3,599,000 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\lvuvc.sys.vir
2005-11-09 11:22:53 . 2007-07-19 00:44:22          22,296 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\lvuvcflt.sys.vir
2005-10-11 11:08:58 . 1999-10-11 01:00:00          41,984 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\Ctregrun.exe.vir
2005-10-06 22:24:58 . 2007-12-16 21:04:12          12,288 ----a-w-  C:\Qoobox\Quarantine\C\Thumbs.db.vir
2005-10-03 15:01:52 . 2003-12-17 07:50:00          70,801 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\LMouFlt2.Sys.vir
2005-10-03 15:01:52 . 2003-12-17 07:50:00          25,505 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\LHidFlt2.Sys.vir
2005-10-03 15:01:52 . 2003-12-17 07:50:00          51,729 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\L8042pr2.Sys.vir
2005-09-28 07:48:57 . 2005-05-27 07:32:52        1,317,152 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\lvcm.sys.vir
2005-07-11 13:54:53 . 2004-08-01 15:01:02          47,616 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Media Player\msoobci.dll.vir
2005-07-11 13:54:53 . 2006-11-01 16:31:38        1,669,120 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Media Player\wmsetsdk.exe.vir
2005-04-24 15:49:51 . 2005-04-24 15:49:51          90,112 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\PLUGINS\npqtplugin5.dll.vir
2005-04-24 15:49:51 . 2005-04-24 15:49:51          90,112 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\PLUGINS\npqtplugin4.dll.vir
2005-04-24 15:49:51 . 2005-04-24 15:49:51          90,112 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\PLUGINS\npqtplugin3.dll.vir
2005-04-24 15:49:51 . 2005-04-24 15:49:50          90,112 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\PLUGINS\npqtplugin2.dll.vir
2005-04-24 15:49:51 . 2005-04-24 15:49:50          90,112 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\PLUGINS\npqtplugin.dll.vir
2004-11-05 13:04:56 . 2004-03-10 12:42:24          12,953 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\itchfltr.sys.vir
2004-08-10 19:52:18 . 2006-10-18 18:05:00          241,664 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Media Player\wmlaunch.exe.vir
2004-08-10 19:52:18 . 2006-10-18 18:05:02          25,600 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Media Player\wmpenc.exe.vir
2004-06-18 12:40:50 . 2004-06-18 12:40:50          33,280 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\muninst.exe.vir
2003-12-18 11:26:11 . 2002-04-01 12:15:00            4,816 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\aeaudio.sys.vir
2003-12-18 11:26:10 . 2003-02-28 08:17:18          545,024 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\smwdm.sys.vir
2003-10-06 13:16:00 . 2003-10-06 13:16:00          81,920 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\nvsvc32.exe.vir
2003-08-20 20:57:00 . 2002-11-09 01:02:58          16,384 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Media Player\pidgen.dll.vir
2003-08-20 19:01:37 . 2002-09-09 21:13:22          520,192 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Media Player\wmpvis.dll.vir
2003-08-20 18:49:44 . 2008-04-14 16:05:47          294,912 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows Media Player\dlimport.exe.vir
2003-08-06 22:46:30 . 2003-08-06 22:46:30          133,688 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Fælles filer\System\SNAPVIEW.OCX.vir
2003-07-21 16:47:38 . 2004-03-03 08:50:00          37,887 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\Lhidusb.sys.vir
2003-07-07 12:05:18 . 2003-07-07 12:05:18          33,792 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\oeuninst.exe.vir
2003-06-21 10:23:45 . 2003-03-05 16:24:46          155,520 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\AIRPLUS.SYS.vir
2003-06-21 10:01:48 . 2001-08-22 06:42:58          13,632 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\omci.sys.vir
2003-06-21 09:51:48 . 2001-10-09 12:00:00          28,160 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Windows NT\hypertrm.exe.vir
2003-03-03 15:26:16 . 2003-03-03 15:26:16          33,792 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\Q820223.exe.vir
2003-03-03 14:26:16 . 2003-03-03 14:26:16          33,792 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\ieuninst.exe.vir
2003-03-03 13:26:16 . 2003-03-03 13:26:16          33,792 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\Q330994.exe.vir
2002-12-17 10:32:58 . 2002-12-17 10:32:58          61,424 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\cdr4_xp.sys.vir
2002-12-17 10:32:46 . 2002-12-17 10:32:46          23,436 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\cdralw2k.sys.vir
2002-10-14 20:07:01 . 2002-10-14 20:07:01          57,344 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Lexmark X74-X75\lxbbbmgr.exe.vir
2002-10-14 20:03:18 . 2003-08-18 14:37:10          303,104 ----a-w-  C:\Qoobox\Quarantine\C\WINDOWS\system32\LEXBCES.EXE.vir
2002-09-10 00:24:58 . 2002-09-10 00:24:58          14,336 ----a-w-  C:\Qoobox\Quarantine\C\Programmer\Internet Explorer\iedetect.dll.vir
20

ComboFix 11-04-07.01 - Elsebet Rasmussen 07-04-2011  23:01:02.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1030.18.511.287 [GMT 2:00]
Kører fra: c:\documents and settings\Elsebet Rasmussen\Skrivebord\banan.exe
Kommandoer benyttet :: c:\documents and settings\Elsebet Rasmussen\Skrivebord\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.
.
(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C351BD04-A8F8-413D-89E3-216909E2317C}\MpKsl097c72b7.sys
c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\SecurityScan_Release.exe
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\1.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\a.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\b.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\c.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\d.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\e.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\f.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\g.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\h.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\i.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\J.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\k.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\l.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\m.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\n.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\o.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\p.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\q.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\r.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\s.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\t.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\u.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\v.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\w.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\x.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\y.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\z.xml
c:\documents and settings\Elsebet Rasmussen\err.log
c:\documents and settings\Elsebet Rasmussen\Skrivebord\avg_remover_stf_x86_2011_1184.exe
c:\documents and settings\Elsebet Rasmussen\Skrivebord\banan.exe
c:\documents and settings\Elsebet Rasmussen\Skrivebord\ccsetup236.exe
c:\documents and settings\Elsebet Rasmussen\Skrivebord\dds.pif
c:\documents and settings\Elsebet Rasmussen\Skrivebord\dds.scr
c:\documents and settings\Elsebet Rasmussen\Skrivebord\mbam-setup-1.50.1.1100.exe
c:\documents and settings\Elsebet Rasmussen\Skrivebord\mseinstall.exe
c:\documents and settings\Elsebet Rasmussen\Skrivebord\OTL.exe
c:\documents and settings\Elsebet Rasmussen\Skrivebord\SystemLook.exe
c:\documents and settings\Elsebet Rasmussen\WINDOWS
c:\documents and settings\Gæst\Application Data\PriceGong
c:\documents and settings\Gæst\Application Data\PriceGong\Data\1.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\a.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\b.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\c.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\d.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\e.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\f.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\g.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\h.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\i.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\J.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\k.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\l.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\m.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\n.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\o.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\p.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\q.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\r.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\s.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\t.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\u.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\v.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\w.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\x.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\y.xml
c:\documents and settings\Gæst\Application Data\PriceGong\Data\z.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\1.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\a.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\b.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\c.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\d.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\e.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\f.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\g.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\h.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\i.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\J.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\k.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\l.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\m.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\n.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\o.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\p.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\q.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\r.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\s.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\t.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\u.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\v.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\w.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\x.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\y.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\z.xml
c:\documents and settings\Jens Rasmussen\err.log
c:\programmer\Adobe\Reader 9.0\Reader\A3DUtility.exe
c:\programmer\Adobe\Reader 9.0\Reader\ACE.dll
c:\programmer\Adobe\Reader 9.0\Reader\AcroBroker.exe
c:\programmer\Adobe\Reader 9.0\Reader\AcroRd32.exe
c:\programmer\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
c:\programmer\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe
c:\programmer\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe
c:\programmer\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
c:\programmer\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
c:\programmer\Adobe\Reader 9.0\Reader\Eula.exe
c:\programmer\Adobe\Reader 9.0\Reader\reader_sl.exe
c:\programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroPDF.dll
c:\programmer\Fælles filer\Microsoft Shared\MSInfo\MSIOFF9.OCX
c:\programmer\Fælles filer\System\SNAPVIEW.OCX
c:\programmer\IEToolbar
c:\programmer\IEToolbar\Forbrugerliv XtraSaver\xtrasaverLive.dll
c:\programmer\Internet Explorer\custsat.dll
c:\programmer\Internet Explorer\ExtExport.exe
c:\programmer\Internet Explorer\iecompat.dll
c:\programmer\Internet Explorer\iedetect.dll
c:\programmer\Internet Explorer\iedvtool.dll
c:\programmer\Internet Explorer\ieproxy.dll
c:\programmer\Internet Explorer\iexplore.exe.mui
c:\programmer\Internet Explorer\jsdbgui.dll
c:\programmer\Internet Explorer\jsdebuggeride.dll
c:\programmer\Internet Explorer\JSProfilerCore.dll
c:\programmer\Internet Explorer\jsprofilerui.dll
c:\programmer\Internet Explorer\PLUGINS\nppdf32.dll
c:\programmer\Internet Explorer\Plugins\npqtplugin.dll
c:\programmer\Internet Explorer\Plugins\npqtplugin2.dll
c:\programmer\Internet Explorer\Plugins\npqtplugin3.dll
c:\programmer\Internet Explorer\Plugins\npqtplugin4.dll
c:\programmer\Internet Explorer\Plugins\npqtplugin5.dll
c:\programmer\Internet Explorer\sqmapi.dll
c:\programmer\Internet Explorer\xpshims.dll
c:\programmer\Lexmark X74-X75\lxbbbmgr.exe
c:\programmer\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\programmer\Microsoft Security Client\msseces.exe
c:\programmer\Microsoft Silverlight\4.0.60129.0\ar\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ar\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ar\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ar\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\bg\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\bg\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\bg\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\bg\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ca\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ca\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ca\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ca\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\coregen.exe
c:\programmer\Microsoft Silverlight\4.0.60129.0\cs\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\cs\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\cs\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\cs\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\da\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\da\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\da\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\da\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\de\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\de\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\de\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\de\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\el\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\el\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\el\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\el\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\es\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\es\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\es\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\es\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\et\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\et\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\et\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\et\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\eu\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\eu\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\eu\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\eu\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\fi\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\fi\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\fi\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\fi\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\fr\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\fr\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\fr\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\fr\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\he\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\he\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\he\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\he\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\hr\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\hr\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\hr\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\hr\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\hu\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\hu\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\hu\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\hu\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\id\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\id\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\id\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\id\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\it\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\it\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\it\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\it\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ja\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ja\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ja\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ja\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ko\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ko\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ko\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ko\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\lt\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\lt\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\lt\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\lt\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\lv\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\lv\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\lv\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\lv\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\Microsoft.VisualBasic.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ms\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ms\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ms\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ms\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\nl\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\nl\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\nl\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\nl\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\no\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\no\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\no\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\no\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\pl\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\pl\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\pl\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\pl\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\pt-BR\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\pt-BR\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\pt-BR\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\pt-BR\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\pt\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\pt\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\pt\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\pt\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ro\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ro\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ro\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ro\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ru\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ru\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ru\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\ru\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sk\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sk\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sk\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sk\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sl\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sl\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sl\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sl\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sr-Cyrl-CS\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sr-Cyrl-CS\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sr-Cyrl-CS\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sr-Cyrl-CS\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sr-Latn-CS\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sr-Latn-CS\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sr-Latn-CS\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sr-Latn-CS\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sv\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sv\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sv\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\sv\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\System.Core.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\system.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\System.Net.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\System.Net.ni.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\System.ni.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\System.Runtime.Serialization.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\System.ServiceModel.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\System.ServiceModel.Web.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\System.ServiceModel.Web.ni.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\System.Windows.Browser.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\System.Windows.Browser.ni.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\System.Xml.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\System.Xml.ni.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\th\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\th\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\th\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\th\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\tr\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\tr\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\tr\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\tr\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\uk\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\uk\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\uk\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\uk\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\vi\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\vi\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\vi\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\vi\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\zh-Hans\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\zh-Hans\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\zh-Hans\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\zh-Hans\system.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\zh-Hant\Microsoft.VisualBasic.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\zh-Hant\mscorlib.resources.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\zh-Hant\mscorrc.dll
c:\programmer\Microsoft Silverlight\4.0.60129.0\zh-Hant\system.resources.dll
c:\programmer\NOS\bin\getPlus_Helper_3004.dll
c:\programmer\Windows Live Safety Center\mpasdlta.vdm
c:\programmer\Windows Live Safety Center\scnAVAS.dll
c:\programmer\Windows Live Safety Center\scnPI.dll
c:\programmer\Windows Live Safety Center\wlscCore.dll
c:\programmer\Windows Live Safety Center\wlscCtrl.dll
c:\programmer\Windows Live Safety Center\wlscUploader.exe
c:\programmer\Windows Live\Family Safety\fsssvc.exe
c:\programmer\Windows Media Player\dlimport.exe
c:\programmer\Windows Media Player\LegitLibM.dll
c:\programmer\Windows Media Player\msoobci.dll
c:\programmer\Windows Media Player\pidgen.dll
c:\programmer\Windows Media Player\wmdbexport.exe
c:\programmer\Windows Media Player\wmlaunch.exe
c:\programmer\Windows Media Player\wmpenc.exe
c:\programmer\Windows Media Player\WMPNetwk.exe
c:\programmer\Windows Media Player\wmpnscfg.exe
c:\programmer\Windows Media Player\wmpnssci.dll
c:\programmer\Windows Media Player\wmpshare.exe
c:\programmer\Windows Media Player\wmpvis.dll
c:\programmer\Windows Media Player\wmsetsdk.exe
c:\programmer\Windows NT\hypertrm.exe
C:\Thumbs.db
c:\windows\Ctregrun.exe
c:\windows\Downloaded Program Files\GarminAxControl.ocx
c:\windows\Downloaded Program Files\wlscBase.dll
c:\windows\ieuninst.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\windows\muninst.exe
c:\windows\oeuninst.exe
c:\windows\Q330994.exe
c:\windows\Q820223.exe
c:\windows\system32\Cache
c:\windows\system32\drivers\aeaudio.sys
c:\windows\system32\DRIVERS\airplus.sys
c:\windows\system32\driVERs\Cdr4_xp.sys
c:\windows\system32\driVERs\Cdralw2k.sys
c:\windows\system32\DRIVERS\fssfltr_tdi.sys
c:\windows\system32\DRIVERS\itchfltr.sys
c:\windows\system32\DRIVERS\L8042pr2.Sys
c:\windows\system32\DRIVERS\LHidFlt2.Sys
c:\windows\system32\Drivers\LHidUsb.Sys
c:\windows\system32\DRIVERS\LMouFlt2.Sys
c:\windows\system32\DRIVERS\LVcKap.sys
c:\windows\system32\DRIVERS\LVCM.sys
c:\windows\system32\DRIVERS\LVMVDrv.sys
c:\windows\system32\DRIVERS\lvpopflt.sys
c:\windows\system32\DRIVERS\LVPr2Mon.sys
c:\windows\system32\drivers\LVUSBSta.sys
c:\windows\system32\DRIVERS\lvuvc.sys
c:\windows\system32\DRIVERS\lvuvcflt.sys
c:\windows\system32\DRIVERS\MpFilter.sys
c:\windows\SYSTEM32\DRIVERS\OMCI.SYS
c:\windows\system32\DRIVERS\secdrv.sys
c:\windows\system32\drivers\smwdm.sys
c:\windows\system32\driVERs\StarOpen.sys
c:\windows\system32\DRIVERS\WudfPf.sys
c:\windows\system32\DRIVERS\wudfrd.sys
c:\windows\system32\LEXBCES.EXE
c:\windows\System32\nvsvc32.exe
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\Thumbs.db
c:\windows\system32\WPDShServiceObj.dll
c:\windows\System32\WUDFSvc.dll
c:\windows\WLXPGSS.SCR
.
.
(((((((((((((((((((((((((((((((((((((((  Drivers/Tjenester  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ISEXENG
-------\Legacy_MYWEBSEARCHSERVICE
-------\Legacy_SSHNAS
-------\Legacy_fssfltr
-------\Legacy_fsssvc
-------\Legacy_MpFilter
-------\Legacy_MpKsl097c72b7
-------\Legacy_MsMpSvc
-------\Legacy_nosGetPlusHelper
-------\Legacy_NVSvc
-------\Legacy_OMCI
-------\Service_aeaudio
-------\Service_AIRPLUS
-------\Service_FilterService
-------\Service_fssfltr
-------\Service_fsssvc
-------\Service_itchfltr
-------\Service_lvpopflt
-------\Service_LVUVC
-------\Service_MpFilter
-------\Service_MpKsl097c72b7
-------\Service_MsMpSvc
-------\Service_nosGetPlusHelper
-------\Service_NVSvc
-------\Service_OMCI
-------\Service_QCMerced
-------\Service_smwdm
-------\Service_StarOpen
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2011-03-07 til 2011-04-07  )))))))))))))))))))))))))))))))))))
.
.
2011-04-07 20:18 . 2011-01-12 23:41    5890896    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-07 20:16 . 2011-03-14 19:05    6792528    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C351BD04-A8F8-413D-89E3-216909E2317C}\mpengine.dll
2011-04-07 20:06 . 2011-04-07 20:06    --------    d-----w-    c:\documents and settings\Elsebet Rasmussen\Lokale indstillinger\Application Data\PCHealth
2011-04-07 20:05 . 2011-04-07 21:12    --------    d-----w-    c:\programmer\Microsoft Security Client
2011-04-07 18:20 . 2011-04-07 18:20    --------    d-----w-    C:\_OTL
2011-04-07 10:59 . 2010-12-20 16:09    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-07 10:59 . 2010-12-20 16:08    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2011-04-07 03:12 . 2011-04-07 03:12    --------    d-----w-    c:\windows\system32\wbem\Repository
2011-04-07 03:07 . 2011-04-07 03:07    --------    d-----w-    c:\documents and settings\All Users\Application Data\NOS
2011-04-07 03:07 . 2011-04-07 03:07    --------    d-----w-    c:\programmer\NOS
2011-03-29 14:47 . 2011-03-29 14:47    --------    d-----w-    c:\documents and settings\Elsebet Rasmussen\.oces2
2011-03-15 19:27 . 2011-03-15 19:27    --------    d-----w-    c:\documents and settings\Gæst\Application Data\AVG10
2011-03-09 18:05 . 2011-03-09 18:05    --------    d-sh--w-    c:\documents and settings\Default User\IETldCache
2011-03-09 10:54 . 2011-03-09 10:54    --------    d-----w-    c:\documents and settings\NetworkService\Application Data\McAfee
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-09 13:53 . 2003-08-20 18:58    270848    ------w-    c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2003-08-20 18:58    186880    ------w-    c:\windows\system32\encdec.dll
2011-02-02 07:58 . 2003-08-20 18:57    2067456    ----a-w-    c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2003-08-20 18:57    677888    ----a-w-    c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2003-08-20 19:00    439808    ----a-w-    c:\windows\system32\shimgvw.dll
.
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2003-10-06 741376]
"siService.exe"="c:\programmer\GIANT Company Software\Spam Inspector\siService.exe" [2003-11-15 204800]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-10-06 5058560]
"LogitechCommunicationsManager"="c:\programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 563984]
"LogitechQuickCamRibbon"="c:\programmer\Logitech\QuickCam\Quickcam.exe" [2007-07-25 2027792]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\FLLESF~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
c:\documents and settings\All Users\Menuen Start\Programmer\Start\
Digimax Viewer 2.1 (2).lnk - c:\programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe [2005-2-4 634880]
Digimax Viewer 2.1.lnk - c:\programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe [2005-2-4 634880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-04-09 08:55    68856    ----a-w-    c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmer\\GIANT Company Software\\Spam Inspector\\siMailProxyServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Programmer\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmer\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmer\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\programmer\AVG\AVG10\Toolbar\ToolbarBroker.exe --> c:\programmer\AVG\AVG10\Toolbar\ToolbarBroker.exe [?]
S4 gupdate;Tjenesten Google Update (gupdate);c:\programmer\Google\Update\GoogleUpdate.exe [29-01-2010 09:42 135664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper    REG_MULTI_SZ      nosGetPlusHelper
.
Indhold af mappen 'Planlagte Opgaver'
.
2011-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-01-29 07:41]
.
2010-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-01-29 07:41]
.
2011-04-07 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programmer\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 10:26]
.
2011-04-07 c:\windows\Tasks\MpIdleTask.job
- c:\programmer\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 10:26]
.
2010-12-10 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\programmer\Dell Support Center\uaclauncher.exe [2010-11-18 15:13]
.
2010-12-18 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\programmer\Dell Support Center\pcdrcui.exe [2010-11-18 15:13]
.
2011-01-09 c:\windows\Tasks\User_Feed_Synchronization-{DA084563-BAEF-4A28-BE00-F7B13C84962A}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel
IE: Google Sidewiki ... - c:\programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.basisbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {1469FF24-47F6-11D2-8805-006008C537E3} - hxxp://www.kps.dk/codebase/ffmail.cab
DPF: {92EB6641-286A-11D2-A68E-00A0C996A6DD} - hxxp://www.kps.dk/codebase/jfsignature.cab
DPF: {AD90E8D1-3B47-11D2-A696-00A0C996A6DD} - hxxp://www.kps.dk/codebase/jfcrypto.cab
.
- - - - TOMME GENVEJE FJERNET - - - -
.
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-Lexmark X74-X75 - c:\programmer\Lexmark X74-X75\lxbbbmgr.exe
HKLM-Run-MSC - c:\programmer\Microsoft Security Client\msseces.exe
SafeBoot-MsMpSvc
AddRemove-KB870669 - c:\windows\muninst.exe
AddRemove-WebCyberCoach_wtrb - c:\programmer\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb
AddRemove-Windows Media Format Runtime - c:\programmer\Windows Media Player\wmsetsdk.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-07 23:26
Windows 5.1.2600 Service Pack 3 NTFS
.
scanner skjulte processer ... 
.
scanner skjulte autostarter ...
.
scanner skjulte filer ... 
.
scanning gennemført med succes
skjulte filer: 0
.
**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{abcdf74f-9a64-4e6e-b8eb-6e5a41de6550}\0406]
"Version"="1.0.0.2"
.
--------------------- DLLs startet under kørende Processer ---------------------
.
- - - - - - - > 'explorer.exe'(5240)
c:\programmer\Fælles filer\Logishrd\LVMVFM\LVPrcInj.dll
c:\programmer\Fælles filer\Logitech\Scrolling\LgMsgHk.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\programmer\Java\jre6\bin\jqs.exe
c:\programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\msiexec.exe
c:\programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\wscntfy.exe
c:\programmer\GIANT Company Software\Spam Inspector\siMailProxyServer.exe
c:\programmer\GIANT Company Software\Spam Inspector\siSpamFilterEngine.exe
c:\programmer\Fælles filer\Logishrd\LQCVFX\COCIManager.exe
c:\programmer\logitech\quickcam\lu\lulnchr.exe
c:\programmer\logitech\quickcam\lu\LogitechUpdate.exe
.
**************************************************************************
.
Gennemført tid: 2011-04-07  23:32:03 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2011-04-07 21:31
.
Pre-Kørsel: 34.346.188.800 byte ledig
Post-Kørsel: 34.173.915.136 byte ledig
.
- - End Of File - - B9B07BBEA72F9BFACA3E9F73369EA490

Har hentet værktøjet og kan via min mail få det over på den anden pc. GEMMER det lige til jeg ser hvad du siger...

Jeg omdøbtge combofix til banan før jeg gemte. Den har også gemt en fil som hedder: bamam.exe.vir - men den vil den ikke åbne (gemt i Qoobox,,,(

Hent og kør denne:

http://download.bleepingcomputer.com/sUBs/MiniFixes/CF-undo-All.exe

Fortæl så hvordan Pcn kører!

Den ComboFix må IKKE køres igen!!!!!

De to logs fortalte det jeg skulle vide, så du behøver ikke køre SystemLook.

Jeg henter det du skriver.

Jeg kan slet ikke finde combofix program-filen - den er vist slettet???

Nu har jeg hentet det - og sendt via mail til min fars pc. MEN hans aoutlook blokerer filen som potientel usikker...

Kan du hjælpe - hvordan får jeg outlook til at godtage den undoo.all fil jeg sender med programmet på?

Eneste måde jeg kan få noget ind og ud af hans pc ligenu...


??

Omdøb den inden du sender den, eller du kan zippe den. Eventuelt med Password.

Kan den hentes som en zip-fil - har kun et eller andet rar-program virker ikke på min fars pc. Omdøber jeg den kan jeg jo ikke omdøbe selve exe delen vel? Og det er den den blokerer.

Du kan kalde den exe1 istedet for exe. Bare højreklik -> omdøb.

Ja - men når jeg så indsætter den så hedder den exe1.exe - den sætter aut exe bagefter

Nu beder jeg dig om noget lidt træls (ked af at tage så meget af din tid - men er så taknemmelig for din hjælp) VIL du zippe den fil for mig - og maile den til jens@boyen.dk - så kommer den frem og jeg kan unzippe den der og køre programmet?

Når du indsætter hvad, hvor og hvordan. Nu er jeg ikke med. Hvilken Windows bruger [B]du[/b]?

Du kan prøve 7-Zip.
http://www.7-zip.org/

Super - tak.
Kører nu - vender tilbage - laver undo af ændringer combofix har lavet. log kommer..

SÅ...NU sker der altså noget:-)

Den kører - også nettet. Fik kørt undo - kører udne virusbesk.- sætte det til hvis det virker nu.

Musen har en tendens til at låse lidt...men begge mus og tastaturer virker nu:-)

Vil gerne køre en f-secure online??

Er der mere jeg gør / må ikke må gøre liegnu.

Musen låser...?

Security Ess. er NU slået til:-)

Prøvede t se om den ville køre en F-secure - MEN det vil den ikke. fejl id 27 igen..

cc og mailwareb. eller?

ms ess. kunne også køre en scanning?

Hvorfor er du så ivrig efter at køre F-secure?

Hent en ny ComboFix.

Hent og gem ComboFix på dit skrivebord.

Højreklik på skrivebordet og vælg ny->tekstdokument og kopier det fremhævede ind og gem filen som CFScript

Killall::
Snapshot::

Da Combofix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem.

Tag så fat i den nye fil med musen, og før den hen over ComboFix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/billeder/cfscript.gif

Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt som ligger her C:\Combofix.txt

Indholdet af denne fil må du gerne lægge herind.

hehe - Jeg er totalt tilhænger af F-secure:-) Når den kører 'ved' jeg at det går bedre:-)

Jeg krydser fingre og prøver Combofix igen.

Jeg skal lige høre FØR jeg gør det - NÅR combofix er færdig og genstarter - så skal jeg ind igen via password (de gamle har password på) - OG da må jeg gerne taste password for at komme ind igen - også selv om combofix jo egentlig kun er ved at genstarte??? 

Det var nemlig herefter at noget gik i udu igår??

Der fik du mig - det har jeg aldrig prøvet. Kan du ikke fjerne det Password midlertidigt?

PS Har du set den Interne Besked jeg sendte?

Hehe:-) Det er fjernet - dvs. jeg gik ind over min fars brugerkonto istedet - og der er ikke password.

NU kører combo - jeg har ikke set beskeden - det gør jeg lige om 2 sec...

vender tilbage:-) TAK TAK

Fjong - starede fint op og kører nu

Combo-log:

KØRER HURTIGERE DET HELE - MUSEN LÅSER ENDNU..

ComboFix 11-04-07.08 - Jens Rasmussen 08-04-2011  13:28:42.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1030.18.511.302 [GMT 2:00]
Kører fra: c:\documents and settings\Jens Rasmussen\Skrivebord\melon.exe
Kommandoer benyttet :: c:\documents and settings\Jens Rasmussen\Skrivebord\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.
.
(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\1.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\a.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\b.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\c.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\d.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\e.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\f.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\g.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\h.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\i.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\J.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\k.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\l.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\m.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\n.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\o.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\p.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\q.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\r.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\s.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\t.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\u.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\v.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\w.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\x.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\y.xml
c:\documents and settings\Elsebet Rasmussen\Application Data\PriceGong\Data\z.xml
c:\documents and settings\Elsebet Rasmussen\err.log
c:\documents and settings\Elsebet Rasmussen\WINDOWS
c:\documents and settings\Gæst\Application Data\PriceGong
c:\documents and settings\Gæst\Application Data\PriceGong\Data\1.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\a.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\b.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\c.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\d.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\e.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\f.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\g.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\h.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\i.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\J.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\k.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\l.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\m.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\mru.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\n.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\o.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\p.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\q.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\r.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\s.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\t.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\u.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\v.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\w.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\x.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\y.xml.vir
c:\documents and settings\Gæst\Application Data\PriceGong\Data\z.xml.vir
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\1.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\a.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\b.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\c.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\d.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\e.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\f.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\g.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\h.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\i.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\J.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\k.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\l.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\m.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\n.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\o.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\p.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\q.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\r.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\s.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\t.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\u.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\v.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\w.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\x.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\y.xml
c:\documents and settings\Jens Rasmussen\Application Data\PriceGong\Data\z.xml
c:\documents and settings\Jens Rasmussen\err.log
c:\programmer\IEToolbar
c:\programmer\IEToolbar\Forbrugerliv XtraSaver\xtrasaverLive.dll
C:\Thumbs.db
c:\windows\system32\Cache
c:\windows\system32\Thumbs.db
.
.
(((((((((((((((((((((((((((((((((((((((  Drivers/Tjenester  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ISEXENG
-------\Legacy_MYWEBSEARCHSERVICE
-------\Legacy_SSHNAS
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2011-03-08 til 2011-04-08  )))))))))))))))))))))))))))))))))))
.
.
2011-04-08 10:34 . 2011-04-08 10:34    28752    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3AFF43EF-68BB-425E-BC9D-31D4DF1F7781}\MpKslf433aa87.sys
2011-04-08 10:33 . 2011-03-14 19:05    6792528    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3AFF43EF-68BB-425E-BC9D-31D4DF1F7781}\mpengine.dll
2011-04-08 10:20 . 2009-07-10 11:16    307048    ----a-w-    c:\windows\WLXPGSS.SCR
2011-04-07 20:18 . 2011-01-12 23:41    5890896    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-07 20:06 . 2011-04-07 20:06    --------    d-----w-    c:\documents and settings\Elsebet Rasmussen\Lokale indstillinger\Application Data\PCHealth
2011-04-07 20:05 . 2011-04-08 10:20    --------    d-----w-    c:\programmer\Microsoft Security Client
2011-04-07 18:20 . 2011-04-07 18:20    --------    d-----w-    C:\_OTL
2011-04-07 10:59 . 2010-12-20 16:09    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-07 10:59 . 2010-12-20 16:08    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2011-04-07 03:12 . 2011-04-07 03:12    --------    d-----w-    c:\windows\system32\wbem\Repository
2011-04-07 03:07 . 2011-04-07 21:12    --------    d-----w-    c:\programmer\NOS
2011-04-07 03:07 . 2011-04-07 21:10    --------    d-----w-    c:\documents and settings\All Users\Application Data\NOS
2011-03-29 14:47 . 2011-03-29 14:47    --------    d-----w-    c:\documents and settings\Elsebet Rasmussen\.oces2
2011-03-15 19:27 . 2011-03-15 19:27    --------    d-----w-    c:\documents and settings\Gæst\Application Data\AVG10
2011-03-09 18:05 . 2011-03-09 18:05    --------    d-sh--w-    c:\documents and settings\Default User\IETldCache
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-09 13:53 . 2003-08-20 18:58    270848    ----a-w-    c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2003-08-20 18:58    186880    ----a-w-    c:\windows\system32\encdec.dll
2011-02-02 07:58 . 2003-08-20 18:57    2067456    ----a-w-    c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2003-08-20 18:57    677888    ----a-w-    c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2003-08-20 19:00    439808    ----a-w-    c:\windows\system32\shimgvw.dll
.
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2003-10-06 741376]
"siService.exe"="c:\programmer\GIANT Company Software\Spam Inspector\siService.exe" [2003-11-15 204800]
"Lexmark X74-X75"="c:\programmer\Lexmark X74-X75\lxbbbmgr.exe" [2002-10-14 57344]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-10-06 5058560]
"MSC"="c:\programmer\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\FLLESF~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
c:\documents and settings\All Users\Menuen Start\Programmer\Start\
Digimax Viewer 2.1 (2).lnk - c:\programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe [2005-2-4 634880]
Digimax Viewer 2.1.lnk - c:\programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe [2005-2-4 634880]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-04-09 08:55    68856    ----a-w-    c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmer\\GIANT Company Software\\Spam Inspector\\siMailProxyServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Programmer\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmer\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmer\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R1 MpKslf433aa87;MpKslf433aa87;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3AFF43EF-68BB-425E-BC9D-31D4DF1F7781}\MpKslf433aa87.sys [08-04-2011 12:34 28752]
S1 MpKsl097c72b7;MpKsl097c72b7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C351BD04-A8F8-413D-89E3-216909E2317C}\MpKsl097c72b7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C351BD04-A8F8-413D-89E3-216909E2317C}\MpKsl097c72b7.sys [?]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\programmer\AVG\AVG10\Toolbar\ToolbarBroker.exe --> c:\programmer\AVG\AVG10\Toolbar\ToolbarBroker.exe [?]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [09-10-2001 14:00 14336]
S4 gupdate;Tjenesten Google Update (gupdate);c:\programmer\Google\Update\GoogleUpdate.exe [29-01-2010 09:42 135664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper    REG_MULTI_SZ      nosGetPlusHelper
.
Indhold af mappen 'Planlagte Opgaver'
.
2011-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-01-29 07:41]
.
2010-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-01-29 07:41]
.
2011-04-08 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programmer\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 10:26]
.
2011-04-08 c:\windows\Tasks\MpIdleTask.job
- c:\programmer\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 10:26]
.
2011-04-07 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
- c:\programmer\Dell Support Center\uaclauncher.exe [2010-11-18 15:13]
.
2011-04-07 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\programmer\Dell Support Center\uaclauncher.exe [2010-11-18 15:13]
.
2011-04-07 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\programmer\Dell Support Center\pcdrcui.exe [2010-11-18 15:13]
.
2011-04-07 c:\windows\Tasks\User_Feed_Synchronization-{DA084563-BAEF-4A28-BE00-F7B13C84962A}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel
IE: Google Sidewiki ... - c:\programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.basisbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {1469FF24-47F6-11D2-8805-006008C537E3} - hxxp://www.kps.dk/codebase/ffmail.cab
DPF: {92EB6641-286A-11D2-A68E-00A0C996A6DD} - hxxp://www.kps.dk/codebase/jfsignature.cab
DPF: {AD90E8D1-3B47-11D2-A696-00A0C996A6DD} - hxxp://www.kps.dk/codebase/jfcrypto.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-08 13:48
Windows 5.1.2600 Service Pack 3 NTFS
.
scanner skjulte processer ... 
.
scanner skjulte autostarter ...
.
scanner skjulte filer ... 
.
scanning gennemført med succes
skjulte filer: 0
.
**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs startet under kørende Processer ---------------------
.
- - - - - - - > 'explorer.exe'(4648)
c:\programmer\Fælles filer\Logishrd\LVMVFM\LVPrcInj.dll
c:\program files\Logitech\iTouch\iTchHk.dll
c:\programmer\Fælles filer\Logitech\Scrolling\LgMsgHk.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\programmer\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\programmer\Java\jre6\bin\jqs.exe
c:\programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\System32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
c:\programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
c:\programmer\Lexmark X74-X75\lxbbbmon.exe
c:\programmer\GIANT Company Software\Spam Inspector\siMailProxyServer.exe
c:\programmer\GIANT Company Software\Spam Inspector\siSpamFilterEngine.exe
.
**************************************************************************
.
Gennemført tid: 2011-04-08  13:56:40 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2011-04-08 11:56
ComboFix2.txt  2011-04-07 21:32
.
Pre-Kørsel: 34.422.448.128 byte ledig
Post-Kørsel: 34.412.818.432 byte ledig
.
- - End Of File - - 93E0F2EE58E3AD1B72B0D0FB8AFE6616

Højreklik på skrivebordet og vælg ny->tekstdokument og kopier det fremhævede ind og gem filen som CFScript

Killall::
Snapshot::
Folder::
c:\documents and settings\Gæst\Application Data\AVG10
Driver::
MpKsl097c72b7
AVG Security Toolbar Service

Da Combofix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/billeder/cfscript.gif

Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil combofix.txt som ligger her C:\Combofix.txt

Indholdet af denne fil må du gerne lægge herind.

------

Deaktiver dit antivirus-program, kør en online scanning med ESET Online Scanner:
http://www.eset.com/onlinescan/

Du skal acceptere betingelserne for brug, og klik på Start.
Efter ActiveX Control er indlæst, vil det tage et par minutter for scanneren at blive klar.
Dernæst skal du sætte flueben i følgende felter: (kun dem)

Scan archives

under advanced settings
Scan for potentialy unwanted applications
Scan for potentially unsafe applications
Enable anti-stealth technology

Klik på Start. Denne scanning kan tage et stykke tid, så vær tålmodig.
En log vil åbne, når scanningen er færdig.

(hvis ikke, skal du gå til C:\Programmer\EsetOnlineScanner\ og åbne filen Log.txt).

Kopier den herind i næste indlæg.

------

Jeg vil gerne se:

1. Log fra ComboFix.

2. Resultat fra ESET Online Scanner.

ComboFix 11-04-07.08 - Jens Rasmussen 08-04-2011  15:30:49.2.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1030.18.511.196 [GMT 2:00]
Kører fra: c:\documents and settings\Jens Rasmussen\Skrivebord\melon.exe
Kommandoer benyttet :: c:\documents and settings\Jens Rasmussen\Skrivebord\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.
.
(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Gæst\Application Data\AVG10
c:\documents and settings\Gæst\Application Data\AVG10\cfgall\outlook.cfg
c:\documents and settings\Gæst\Application Data\AVG10\cfgall\usergui.cfg
.
.
(((((((((((((((((((((((((((((((((((((((  Drivers/Tjenester  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AVG_SECURITY_TOOLBAR_SERVICE
-------\Legacy_MPKSL097C72B7
-------\Service_AVG Security Toolbar Service
-------\Service_MpKsl097c72b7
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2011-03-08 til 2011-04-08  )))))))))))))))))))))))))))))))))))
.
.
2011-04-08 12:04 . 2011-04-08 12:04    28752    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F74F4F55-CE12-40D0-9DA7-1CF638A91352}\MpKsl17113228.sys
2011-04-08 11:59 . 2011-03-14 19:05    6792528    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F74F4F55-CE12-40D0-9DA7-1CF638A91352}\mpengine.dll
2011-04-08 10:20 . 2009-07-10 11:16    307048    ----a-w-    c:\windows\WLXPGSS.SCR
2011-04-07 20:18 . 2011-01-12 23:41    5890896    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-07 20:06 . 2011-04-07 20:06    --------    d-----w-    c:\documents and settings\Elsebet Rasmussen\Lokale indstillinger\Application Data\PCHealth
2011-04-07 20:05 . 2011-04-08 10:20    --------    d-----w-    c:\programmer\Microsoft Security Client
2011-04-07 18:20 . 2011-04-07 18:20    --------    d-----w-    C:\_OTL
2011-04-07 10:59 . 2010-12-20 16:09    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-07 10:59 . 2010-12-20 16:08    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2011-04-07 03:12 . 2011-04-07 03:12    --------    d-----w-    c:\windows\system32\wbem\Repository
2011-04-07 03:07 . 2011-04-07 21:12    --------    d-----w-    c:\programmer\NOS
2011-04-07 03:07 . 2011-04-07 21:10    --------    d-----w-    c:\documents and settings\All Users\Application Data\NOS
2011-03-29 14:47 . 2011-03-29 14:47    --------    d-----w-    c:\documents and settings\Elsebet Rasmussen\.oces2
2011-03-09 18:05 . 2011-03-09 18:05    --------    d-sh--w-    c:\documents and settings\Default User\IETldCache
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-09 13:53 . 2003-08-20 18:58    270848    ----a-w-    c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2003-08-20 18:58    186880    ----a-w-    c:\windows\system32\encdec.dll
2011-02-02 07:58 . 2003-08-20 18:57    2067456    ----a-w-    c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2003-08-20 18:57    677888    ----a-w-    c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2003-08-20 19:00    439808    ----a-w-    c:\windows\system32\shimgvw.dll
.
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2003-10-06 741376]
"siService.exe"="c:\programmer\GIANT Company Software\Spam Inspector\siService.exe" [2003-11-15 204800]
"Lexmark X74-X75"="c:\programmer\Lexmark X74-X75\lxbbbmgr.exe" [2002-10-14 57344]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-10-06 5058560]
"MSC"="c:\programmer\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\FLLESF~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
c:\documents and settings\All Users\Menuen Start\Programmer\Start\
Digimax Viewer 2.1 (2).lnk - c:\programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe [2005-2-4 634880]
Digimax Viewer 2.1.lnk - c:\programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe [2005-2-4 634880]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-04-09 08:55    68856    ----a-w-    c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmer\\GIANT Company Software\\Spam Inspector\\siMailProxyServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Programmer\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmer\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmer\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R1 MpKsl17113228;MpKsl17113228;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F74F4F55-CE12-40D0-9DA7-1CF638A91352}\MpKsl17113228.sys [08-04-2011 14:04 28752]
S1 MpKslf433aa87;MpKslf433aa87;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3AFF43EF-68BB-425E-BC9D-31D4DF1F7781}\MpKslf433aa87.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3AFF43EF-68BB-425E-BC9D-31D4DF1F7781}\MpKslf433aa87.sys [?]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [09-10-2001 14:00 14336]
S4 gupdate;Tjenesten Google Update (gupdate);c:\programmer\Google\Update\GoogleUpdate.exe [29-01-2010 09:42 135664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper    REG_MULTI_SZ      nosGetPlusHelper
.
Indhold af mappen 'Planlagte Opgaver'
.
2011-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-01-29 07:41]
.
2011-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-01-29 07:41]
.
2011-04-08 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programmer\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 10:26]
.
2011-04-08 c:\windows\Tasks\MpIdleTask.job
- c:\programmer\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 10:26]
.
2011-04-07 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
- c:\programmer\Dell Support Center\uaclauncher.exe [2010-11-18 15:13]
.
2011-04-07 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\programmer\Dell Support Center\uaclauncher.exe [2010-11-18 15:13]
.
2011-04-08 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\programmer\Dell Support Center\pcdrcui.exe [2010-11-18 15:13]
.
2011-04-08 c:\windows\Tasks\User_Feed_Synchronization-{DA084563-BAEF-4A28-BE00-F7B13C84962A}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel
IE: Google Sidewiki ... - c:\programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.basisbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {1469FF24-47F6-11D2-8805-006008C537E3} - hxxp://www.kps.dk/codebase/ffmail.cab
DPF: {92EB6641-286A-11D2-A68E-00A0C996A6DD} - hxxp://www.kps.dk/codebase/jfsignature.cab
DPF: {AD90E8D1-3B47-11D2-A696-00A0C996A6DD} - hxxp://www.kps.dk/codebase/jfcrypto.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-08 15:44
Windows 5.1.2600 Service Pack 3 NTFS
.
scanner skjulte processer ... 
.
scanner skjulte autostarter ...
.
scanner skjulte filer ... 
.
scanning gennemført med succes
skjulte filer: 0
.
**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs startet under kørende Processer ---------------------
.
- - - - - - - > 'explorer.exe'(5580)
c:\programmer\Fælles filer\Logishrd\LVMVFM\LVPrcInj.dll
c:\program files\Logitech\iTouch\iTchHk.dll
c:\programmer\Fælles filer\Logitech\Scrolling\LgMsgHk.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\programmer\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\programmer\Java\jre6\bin\jqs.exe
c:\programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\System32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
c:\programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
c:\programmer\Lexmark X74-X75\lxbbbmon.exe
c:\programmer\GIANT Company Software\Spam Inspector\siMailProxyServer.exe
c:\programmer\GIANT Company Software\Spam Inspector\siSpamFilterEngine.exe
.
**************************************************************************
.
Gennemført tid: 2011-04-08  15:52:54 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2011-04-08 13:52
ComboFix2.txt  2011-04-08 11:56
ComboFix3.txt  2011-04-07 21:32
.
Pre-Kørsel: 34.383.413.248 byte ledig
Post-Kørsel: 34.383.351.808 byte ledig
.
- - End Of File - - 4440BDA70AE7E22F1951A4D30022C695

ESET igang - har fundet orm - log asap

Kørt - men pcen er 'lidt tung' pg harddisken brummer når den arbejder. Musen er rigtig træls - låser meget nu.

her er log: (men det er vel heller ikke fjernet men blot scannet) ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6425
# api_version=3.0.2
# EOSSerial=41feae5f64e0d24b8c07aabe2be9b249
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-04-08 03:35:08
# local_time=2011-04-08 05:35:08 (+0100, Rom, sommertid)
# country="Denmark"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 15631981 15631981 0 0
# compatibility_mode=5891 16776869 42 87 7028 14322944 0 0
# compatibility_mode=8192 67108863 100 0 167 167 0 0
# scanned=59062
# found=2
# cleaned=0
# scan_time=5628
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch1.zip    Win32/Bagle.gen.zip worm (unable to clean)    00000000000000000000000000000000    I
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch4.zip    Win32/Bagle.gen.zip worm (unable to clean)    00000000000000000000000000000000    I

Hejsa.

Skal jeg fjerne de to win32/bagle.gen.zip ?

De ligger i Spybot karantæne - så de betyder ikke ret meget.

Klik Start -> Kør og kopier dette ind. Devmgmt.msc
Klik OK.

Er der nogen gule Advarselstegn?
Hvad står der under "musen"

PS 512 MB Ram er i underkanten - men send lige en ny HJT log herind.

Hej.

Ja, 512 er ikke så meget - men...det har ikke været der hele tiden med musen. Kom pludselig forleden da min far sad på banken og så gik den i udu og pcen gik i lås. Og siden har det været galt.

Jeg havde samme problem med min mus (i sin tid) det gik væk efter I havde hjulpet mig igennem alt dette:-)

Der står 2  forskellige mus: HID Compatibel Wheel Mouse
                        og  HID compatibel mouse.

Og 2 forskellige tastaturer.

INGEN gule advarselstegn.

Spybot og spaminspekter skal jeg ikke afinstallere dem når der nu er MS essnt.??

Her er HJthis:

  Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:22:16, on 08-04-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Programmer\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\GIANT Company Software\Spam Inspector\siService.exe
C:\Programmer\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Programmer\Lexmark X74-X75\lxbbbmon.exe
C:\Programmer\Microsoft Security Client\msseces.exe
C:\Programmer\GIANT Company Software\Spam Inspector\siMailProxyServer.exe
C:\Programmer\GIANT Company Software\Spam Inspector\siSpamFilterEngine.exe
C:\Programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Google\Update\GoogleUpdate.exe
C:\Programmer\internet explorer\iexplore.exe
C:\Programmer\internet explorer\iexplore.exe
C:\Programmer\Windows Live\Photo Gallery\WLXQuickTimeControlHost.exe
C:\Programmer\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [siService.exe] "C:\Programmer\GIANT Company Software\Spam Inspector\siService.exe"
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Programmer\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSC] "c:\Programmer\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\FLLESF~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digimax Viewer 2.1 (2).lnk = ?
O4 - Global Startup: Digimax Viewer 2.1.lnk = C:\Programmer\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O12 - Plugin for .mov: C:\Programmer\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .mpeg: C:\Programmer\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .tif: C:\Programmer\Internet Explorer\PLUGINS\npqtplugin5.dll
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - https://www.basisbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
O16 - DPF: {11818680-FCF6-11D0-9808-0800092A4865} - http://www.kps.dk/Codebase/FormCtl.cab
O16 - DPF: {1469FF24-47F6-11D2-8805-006008C537E3} - http://www.kps.dk/codebase/ffmail.cab
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6886.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127924061312
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {92EB6641-286A-11D2-A68E-00A0C996A6DD} - http://www.kps.dk/codebase/jfsignature.cab
O16 - DPF: {AD90E8D1-3B47-11D2-A696-00A0C996A6DD} - http://www.kps.dk/codebase/jfcrypto.cab
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
O16 - DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} - http://www.kps.dk/codebase/scriptobject.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} - http://www.kps.dk/codebase/fontinstaller.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Programmer\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--
End of file - 8373 bytes

OG når jeg IKKE kan gå ind på F-secure - men den kommer med fejl må der være et eller andet som er galt. Har altid kunnet gå ind på den - og virker på min bærbare.

Så ET eller andet ligger der altså og blokerer eller laver noget andet.

Men hvad kan det dog være?

Måske malwarebytes igen og så lade MS Ess. køre en  fuld scanning?

Som du selv er inde på - opdater Malwarebytes og kør en scanning med den.

Selv om der ingen advarsler er, kan driveren godt være korrupt.
Har du en mulighed for at geninstallere?

Hej.

Kunne nu køre en F-secure. Fandt 4 inf. filer renset.

Geninstallere - mener du geninstallere hele styresystmet - xp eller ??

Hvordan kan man tjekke om driveren er kurrupt? Må slutte for nu -
er nødt til at tage hjem. Men kommer herned tirsdag igen og køre mailwb. osv.

MEN kunne godt tænkt mig lige at vide hvad du tænker med  geninstallering?

Jeg vil - for nu - sige 10000000 tak for al din hjælp. Jeg arbejder videre med det tirsdag.

VH Marianne

Hvis den lavede en log, vil jeg gerne se den. Den plejer at finde ComboFix filer.


Det var nu kun musen jeg tænkte på.

PS Husk den Cd, så vi kan prøve en sfc /scannow

Så er jeg kommet hjemJ. Jeg kører måske til Vejle igen imorgen - for musen gik helt amok for min far efter at jeg var kørt. Jeg tænker at jeg skal have den afinstalleret - og den installerer jo sådan set sig selv - gør den ikke. Når den bliver tilsluttet igen -men jeg at windows selv plejer at finde ny hardware...?

Godt det kun var musen..føler ikke den store lyst til eller mod på at formattere pcen...

Tjekker om der var en log af f-sec. Og lægger den ind hvis der er.

OG Ja, jeg må endelig huske cd'en. Hvad er det sfc/scannow laver?

Herinde på 'eskperten' - kommer windows iøvrigt (også på min egen pc) og meddeler at der køres et script som sløver maskinen i kan sætte den i stå - og man ønsker at stoppe det...

Da F-SECURE kan ha' beskadiget ComboFix, må du naturligvis ikke køre den igen.

Ang.  sfc/scannow:
http://support.microsoft.com/kb/310747/da


Det er en fejl den har lavet flere gange før. Desværre har Admin/coadmin ikke reageret på henvendelser via http://www.eksperten.dk/spm/Eksperten/Fejl/

De har vist for travlt, til at ta' brugerne alvorligt.

Du kan skifte Browser da det ikke sker i Firefox.

Hej F...(er det Flemming eller ?)

Tak. Jeg har slettet combofix - er der noget med at den egentlig skal afinstalleres på en speciel måde?

Jeg er kørt til Vejle igen - det rider mig som en marre når jeg er igang med noget og må køre før jeg er færdig..

Så nu vil jeg starte med at afinstallere musene - MEN mon ikke det er både mus og tastatur jeg skal afinstallere - tastaturet har også lidt 'et eller andet'.

Det var jo noget med Logitech den kom frem og skrev om jeg ville opdatere - da den kørte den combofix som ikke duede.

Mon jeg skulle prøve at opdatere driverne først eller tror du jeg skal afinstallere, tilslutte igen og så opdatere.

Herefter kører jeg så cc før den scannow - jeg har taget cden med.

(Uha. jeg ville så utrolig gerne om jeg kunne få den istand til at køre ordentlig for dem. Det er jo frisk i en alder af 76 at være pc-bruger synes jeg - og de kan slet ikke undvære deres daglige 'pc-fix' hehe - Så hvis jeg kunne få det ordentlig igang ville det være SÅÅÅ dejligt)

Kan jeg ikke få lov at sende dig et par flasker vin bagefter som tak for hjælpen - som jeg er så taknemmelig for. Havde aldrig selv fundet igennem alt dette?

VH Marianne

PC'en laver iøvrigt noget -

Når der lukkes/eller genstartes kommer den med: Afslutning af program DDE server - som så skal afsluttes før den lukker ned - ?

Lad os starte med musen - har du en CD med Logitech muse driveren?

Jeg vil iøvrigt gerne se en Result.txt nu.

Hent og gem MiniToolBox af Farbar.

Start den og sæt flueben i følgende.

List content of Hosts
List last 10 Event Wiewer Errors.

Klik så på GO. Den laver Result.txt, som du gerne må kopiere herind.

Hvorfra kommer Result.txt nu - fra kør eller?

Jeg har en cd - ja, faktisk 2 fulgte der med (også et Ituchprogram - som må være til tastaturet) til den sidste mus og tastatur - er cordless desktop EX 100 - og tilsyneladende kun opsat som tastatur.

Den anden mus ved jeg ikke rigtig med..Og tastaturet er et gammelt Dell..Drivere dertil??

Jeg har en cd med Mouseware 9.1 (men den udgave der ligger derinde er vist nyere - måske der er hentet opdateringer sidenhen?

Henter programmet.

Jeg var igang med at afinstaller den trådløse del - men det har den nu ikke gjort - ? Så det ser ud til at det bare er som det hele tiden har været.Hmm.. Godt du dukkede op - er jeg rigtig glad for. Jeg ved for lidt om dette...:-/

Øh - bøh resultat.txt har du jo forklaret - fik jeg ikke set - bekalger ! Henter og kører..

MiniToolBox by Farbar
Ran by Elsebet Rasmussen at 2011-04-09 21:59:21
Microsoft Windows XP  Service Pack 3 (X86)

***************************************************************************

=============== Hosts content: ============================================ 

127.0.0.1      localhost

=============== End of Hosts ==============================================

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/09/2011 09:46:42 PM) (Source: PerfNet) (User: )
Description: Servertjenesten kan ikke åbnes. Der bliver ikke returneret
serverydelsesdata. Den returnerede fejlkode er i dataene DWORD 0.

Error: (04/09/2011 11:02:07 AM) (Source: PerfNet) (User: )
Description: Servertjenesten kan ikke åbnes. Der bliver ikke returneret
serverydelsesdata. Den returnerede fejlkode er i dataene DWORD 0.

Error: (04/08/2011 08:33:04 PM) (Source: PerfNet) (User: )
Description: Servertjenesten kan ikke åbnes. Der bliver ikke returneret
serverydelsesdata. Den returnerede fejlkode er i dataene DWORD 0.

Error: (04/08/2011 08:18:01 PM) (Source: PerfNet) (User: )
Description: Servertjenesten kan ikke åbnes. Der bliver ikke returneret
serverydelsesdata. Den returnerede fejlkode er i dataene DWORD 0.

Error: (04/08/2011 03:01:00 PM) (Source: PerfNet) (User: )
Description: Servertjenesten kan ikke åbnes. Der bliver ikke returneret
serverydelsesdata. Den returnerede fejlkode er i dataene DWORD 0.

Error: (04/08/2011 02:17:02 PM) (Source: PerfNet) (User: )
Description: Servertjenesten kan ikke åbnes. Der bliver ikke returneret
serverydelsesdata. Den returnerede fejlkode er i dataene DWORD 0.

Error: (04/08/2011 01:00:02 PM) (Source: PerfNet) (User: )
Description: Servertjenesten kan ikke åbnes. Der bliver ikke returneret
serverydelsesdata. Den returnerede fejlkode er i dataene DWORD 0.

Error: (04/08/2011 10:00:44 AM) (Source: PerfNet) (User: )
Description: Servertjenesten kan ikke åbnes. Der bliver ikke returneret
serverydelsesdata. Den returnerede fejlkode er i dataene DWORD 0.

Error: (04/08/2011 09:12:46 AM) (Source: PerfNet) (User: )
Description: Servertjenesten kan ikke åbnes. Der bliver ikke returneret
serverydelsesdata. Den returnerede fejlkode er i dataene DWORD 0.

Error: (04/08/2011 09:05:44 AM) (Source: PerfNet) (User: )
Description: Servertjenesten kan ikke åbnes. Der bliver ikke returneret
serverydelsesdata. Den returnerede fejlkode er i dataene DWORD 0.


System errors:
=============
Error: (04/09/2011 09:46:03 PM) (Source: DCOM) (User: SYSTEM)
Description: Fejlen "%%1058" opstod på DCOM under forsøg på at starte tjenesten IISADMIN med argumenterne ""
for at køre serveren:
{A9E69610-B80D-11D0-B9B9-00A0C922E750}

Error: (04/09/2011 09:45:32 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Windows-billedscanning hang ved start.

Error: (04/09/2011 09:33:21 PM) (Source: DCOM) (User: SYSTEM)
Description: Fejlen "%%1058" opstod på DCOM under forsøg på at starte tjenesten IISADMIN med argumenterne ""
for at køre serveren:
{A9E69610-B80D-11D0-B9B9-00A0C922E750}

Error: (04/09/2011 09:32:51 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Windows-billedscanning hang ved start.

Error: (04/09/2011 09:30:31 PM) (Source: DCOM) (User: SYSTEM)
Description: Fejlen "%%1084" opstod på DCOM under forsøg på at starte tjenesten EventSystem med argumenterne ""
for at køre serveren:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (04/09/2011 09:28:21 PM) (Source: DCOM) (User: Elsebet Rasmussen)
Description: Fejlen "%%1084" opstod på DCOM under forsøg på at starte tjenesten wuauserv med argumenterne ""
for at køre serveren:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/09/2011 09:22:44 PM) (Source: DCOM) (User: Elsebet Rasmussen)
Description: Fejlen "%%1084" opstod på DCOM under forsøg på at starte tjenesten StiSvc med argumenterne ""
for at køre serveren:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (04/09/2011 09:20:01 PM) (Source: Service Control Manager) (User: )
Description: Følgende boot-start- eller system-start-driver kunne ikke indlæses:
Fips
intelppm
MpFilter
OMCI

Error: (04/09/2011 09:19:45 PM) (Source: DCOM) (User: SYSTEM)
Description: Fejlen "%%1084" opstod på DCOM under forsøg på at starte tjenesten EventSystem med argumenterne ""
for at køre serveren:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (04/09/2011 09:26:15 AM) (Source: Service Control Manager) (User: )
Description: Tjenesten Windows-billedscanning hang ved start.


Microsoft Office Sessions:
=========================
Error: (04/09/2011 09:46:42 PM) (Source: PerfNet)(User: )
Description:

Error: (04/09/2011 11:02:07 AM) (Source: PerfNet)(User: )
Description:

Error: (04/08/2011 08:33:04 PM) (Source: PerfNet)(User: )
Description:

Error: (04/08/2011 08:18:01 PM) (Source: PerfNet)(User: )
Description:

Error: (04/08/2011 03:01:00 PM) (Source: PerfNet)(User: )
Description:

Error: (04/08/2011 02:17:02 PM) (Source: PerfNet)(User: )
Description:

Error: (04/08/2011 01:00:02 PM) (Source: PerfNet)(User: )
Description:

Error: (04/08/2011 10:00:44 AM) (Source: PerfNet)(User: )
Description:

Error: (04/08/2011 09:12:46 AM) (Source: PerfNet)(User: )
Description:

Error: (04/08/2011 09:05:44 AM) (Source: PerfNet)(User: )
Description:


========================= End of Event log errors =========================

Jeg vil gerne ha' du kører den  sfc /scannow nu.

Klik Start -> Kør -> Skriv: sfc /scannow - bemærk mellemrummet efter sfc -> Klik OK
Der kommer en bjælke så længe scanningen kører, og når den er færdig, forsvinder den igen, og du får ikke andre meldinger.
Indsæt din Windows CD, hvis den be'r om det.
Genstart computeren

Fortæl hvad resutatet er.

Kan jeg lige teste min xp cd først ? Det en en kopi jeg har fået af en anden - og jeg vil jo gerne være sikker på at den også er ok? (Det skulle den være - men for at VIDE at den er ok?)

Satte den i min pc - for at se mapperne i den - den skriver tom cd...ringer ham lige op...

Det kører da rigtig godt...

Er det sikkert at den beder om xp cd?

Prøv uden - det kan være den kan gøre det uden.

Jeg prøver om jeg kan finde en anden løsning, men det kan godt ta' lidt tid.

Installerede du en anden Browser - bare nysgerrig.

Kan recovery cd ikke bruges?

Jeg fik ikke skiftet browser - endnu - Det er KUN herinde den gør det - ikke andre steder.

Jeg prøver at se om den vil lave scannow uden (Krydser fingre og alt hvad der krydses kan...)

Har prøvet kør: sfc /scannow nu.

- der kommer bare en lille sort skærm (som combofix str. bare i sort) den er der i ET sekund og er VÆK - spørger ikke om noget overhovedet - ???

skrev naturligvis ikke kør...men fra sfc

og sletter så lige ordet nu...Argh...

Og så kører den og skriver:

FILER SOM ER NØDVENDIGE FOR AT WINDOWS KAN KØRE KORREKT SKAL KOPIERES FRA dLL-CACHEN...INDSÆT xp...:-( - Jeg annullerer.

Men den stopper jo ikke og beder om cden igen..

stoppet (undskyld jeg er så uvidende og smådum)

Det ligner en Dansk XP - er det rigtigt?

Hent og installer ERUNT: http://www.derfisch.de/lars/erunt-setup.exe

Start den og lad den lave en Backup af Registreringsdatabasen.

Hej F-arn.
Har sendt dig en besked.

HVIS de har en dansk xp udgave - KAN jeg så bruge en cd med ex engelsk? eller skal den være dansk? Kæmper for at få en ny xp skive...