Spywarefri Forum | Systemværktøjer/tilbehør kan ikke startes

Systemværktøjer/tilbehør kan ikke startes

[ Ignorer ] Damgaard
09.03.2010 23:12:40 Antal indlæg: 31	Har problemer med min Windows XP, ved ikke om det er virus. Jeg kan ikke starte mediaPlayer, søgefunktion og systemgendannelse fremtræder blank, Windows hjælp virker ikke, IE8 viser ikke websider korrekt(firefox ser ud til at fungere). Har forsøgt at registrere JScript.dll og VBScript.dll uden held. Jeg bruger TDC Sikkerhedspakke(F-Secure) og har ikke anden beskyttelse installeret. Jeg har en XP-Pro CD, hvis det bliver nødvendigt. Jeg vedlægger en HJT-Log. Mvh. Lars Damgaard Jensen Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:34:01, on 09-03-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programmer\Bonjour\mDNSResponder.exe C:\Programmer\Java\jre6\bin\jqs.exe C:\Programmer\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe C:\Programmer\CDBurnerXP\NMSAccessU.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Programmer\Google\Update\GoogleUpdate.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\Programmer\HP\hpcoretech\hpcmpmgr.exe C:\Programmer\Analog Devices\Core\smax4pnp.exe C:\Programmer\Analog Devices\SoundMAX\Smax4.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programmer\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Programmer\Java\jre6\bin\jusched.exe C:\Programmer\iTunes\iTunesHelper.exe C:\Programmer\PC Connectivity Solution\ServiceLayer.exe C:\Programmer\Skype\Phone\Skype.exe C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe C:\Programmer\IObit\Advanced SystemCare 3\AWC.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe C:\Programmer\HP\Digital Imaging\bin\hpqgalry.exe C:\WINDOWS\system32\HPZipm12.exe C:\Programmer\iPod\bin\iPodService.exe C:\Programmer\Skype\Plugin Manager\skypePM.exe C:\Documents and Settings\Lars\Dokumenter\Hentede filer\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmer\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmer\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmer\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows; Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmer\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [F-Secure TNB] “C:\Programmer\TDCSikkerhedspakke\FSGUI\TNBUtil.exe” /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [HP Component Manager] “C:\Programmer\HP\hpcoretech\hpcmpmgr.exe” O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmer\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [SoundMAX] “C:\Programmer\Analog Devices\SoundMAX\Smax4.exe” /tray O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmer\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] “C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe” O4 - HKLM\..\Run: [Adobe ARM] “C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe” O4 - HKLM\..\Run: [SunJavaUpdateSched] “C:\Programmer\Java\jre6\bin\jusched.exe” O4 - HKLM\..\Run: [QuickTime Task] “C:\Programmer\QuickTime\qttask.exe” -atboottime O4 - HKLM\..\Run: [iTunesHelper] “C:\Programmer\iTunes\iTunesHelper.exe” O4 - HKCU\..\Run: [Skype] “C:\Programmer\Skype\Phone\Skype.exe” /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] “C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe” /background O4 - HKCU\..\Run: [Advanced SystemCare 3] “C:\Programmer\IObit\Advanced SystemCare 3\AWC.exe” /startup O4 - HKCU\..\Run: [swg] C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘LOKAL TJENESTE’) O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘NETVÆRKSTJENESTE’) O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’) O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’) O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Image Zone Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver; - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Google Sidewiki ... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Børnesikring… - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Programmer\TDCSikkerhedspakke\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Programmer\TDCSikkerhedspakke\FSPC\fspcmsie.dll O9 - Extra ‘Tools’ menuitem: Børnesikring… - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Programmer\TDCSikkerhedspakke\FSPC\fspcmsie.dll O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra ‘Tools’ menuitem: &Blog; det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmer\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O16 - DPF: {304171C0-65EA-4B51-B5D9-93A311E26EB1} (MxPEG_ActiveX Control) - http://192.168.100.52/cgi-bin/MxPEG_ActiveX.cab?dummy=2649499 O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/webgames/popcaploader_v10.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programmer\Bonjour\mDNSResponder.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Programmer\TDCSikkerhedspakke\FSAUA\program\fsaua.exe O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Programmer\TDCSikkerhedspakke\ORSP Client\fsorsp.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe O23 - Service: NMSAccessU - Unknown owner - C:\Programmer\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SonicWall VPN Client Service (RampartSvc) - SonicWALL, Inc. - C:\Programmer\SonicWALL\SonicWALL Global VPN Client\RampartSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe — End of file - 10445 bytes
[ Ignorer ] [ # 1 ] Magic Emeritus
10.03.2010 04:30:41 Administrator Supporter Emeritus Antal indlæg: 29177	Hej Lad os lige tjekke om det er infektioner, der er årsagen -> Hent og installer Ccleaner her: http://www.filehippo.com/download_ccleaner.html Klik på Download Latest Version Fjern flueben ved - Installer Yahoo toolbar Når du åbner programmet for første gang, vil der være flueben i alle felter. Hvis du ønsker at bevare cookies, kan du fjerne dette flueben. Klik på Kør Cleaner, for at få renset din computer. Du vil nu få en advarsel, om at disse filer slettes fuldstændigt fra dit system, og om du ønsker at fortsætte. Klik på Ok for at svare ja til det. Sæt flueben ved -> Vis mig ikke denne besked igen. Genstart. Hent Malwarebytes Anti-Malware herfra: http://www.spywarefri.dk/downloads1/mbam-setup.exe Eller her -> http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?tag=mncol;pop&cdlPid=10878968 Installer programmet - når det er gjort skal du lade programmet opdatere sig. Tryk på Opdater fanen. Herefter åbner et vindue, hvor du skal flytte prikken til “Kør et fuldstændigt systemscan” - klik på Skan Knappen - lad programmet arbejde. Når det er færdig (det tager lidt tid afhængig af hvor meget du har på computeren). Derefter - Tryk på “Vis resultater” knappen efter scanningen - og herefter tryk på “Fjern det valgte” - nu åbnes log’en og du skal gemme den et sted, hvor du kan finde den igen. NB Hvis Malwarebytes Anti-Malware vil genstarte computeren for at fuldføre rensningen så lad den genstarte. Send så malwarebyte loggen herind.
[ Ignorer ] [ # 2 ] Damgaard
10.03.2010 22:25:35 Antal indlæg: 31	Det tager godt nok lang tid med sådan en scanning. Nå men her er en mbam-log. Malwarebytes’ Anti-Malware 1.44 Database version: 3847 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 10-03-2010 21:16:01 mbam-log-2010-03-10 (21-16-01).txt Skan type: Fuldstændig skanning (C:\\|E:\\|) Objekter skannet: 647097 Tid tilbagelagt: 4 hour(s), 40 minute(s), 28 second(s) Inficerede Hukommelses Processer: 0 Inficerede Hukommelses Moduler: 0 Inficerede Registeringsdatabase Nøgler: 3 Inficerede Registeringsdatabase Værdier: 0 Inficerede Registeringsdatabase Filer: 0 Inficerede Mapper: 19 Inficerede Filer: 142 Inficerede Hukommelses Processer: (Ingen mistænkelige filer fundet) Inficerede Hukommelses Moduler: (Ingen mistænkelige filer fundet) Inficerede Registeringsdatabase Nøgler: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully. Inficerede Registeringsdatabase Værdier: (Ingen mistænkelige filer fundet) Inficerede Registeringsdatabase Filer: (Ingen mistænkelige filer fundet) Inficerede Mapper: C:\Documents and Settings\Lars\Application Data\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\Logs (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100 (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5 (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1 (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\Weather (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\Weather\Weather_XML (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\SeekmoSA (Adware.Seekmo) -> Quarantined and deleted successfully. C:\Programmer\Seekmo (Adware.180Solutions) -> Quarantined and deleted successfully. C:\Programmer\Seekmo\bin (Adware.180Solutions) -> Quarantined and deleted successfully. C:\Programmer\Seekmo\bin\11.0.96.0 (Adware.180Solutions) -> Quarantined and deleted successfully. C:\Programmer\Seekmo\bin\11.0.96.0\firefox (Adware.180Solutions) -> Quarantined and deleted successfully. C:\Programmer\Seekmo\bin\11.0.96.0\firefox\extensions (Adware.180Solutions) -> Quarantined and deleted successfully. C:\Programmer\Seekmo\bin\11.0.96.0\firefox\extensions\components (Adware.180Solutions) -> Quarantined and deleted successfully. Inficerede Filer: C:\Documents and Settings\Cecilie\Dokumenter\Hentede filer\setup(2).exe (Adware.Hotbar) -> Quarantined and deleted successfully. C:\Documents and Settings\Cecilie\Dokumenter\Hentede filer\setup.exe (Adware.Hotbar) -> Quarantined and deleted successfully. C:\Documents and Settings\Julie\Application Data\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{6C0A27A7-7A94-453B-864A-EA7E2D42D55F}\RP355\A0130167.dll (Adware.Seekmo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{6C0A27A7-7A94-453B-864A-EA7E2D42D55F}\RP355\A0130172.dll (Adware.Seekmo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{6C0A27A7-7A94-453B-864A-EA7E2D42D55F}\RP355\A0130178.exe (Adware.Zango) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{6C0A27A7-7A94-453B-864A-EA7E2D42D55F}\RP355\A0130179.dll (Adware.Seekmo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{6C0A27A7-7A94-453B-864A-EA7E2D42D55F}\RP355\A0130180.exe (Adware.Seekmo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{6C0A27A7-7A94-453B-864A-EA7E2D42D55F}\RP355\A0130182.exe (Adware.Seekmo) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\resultsw.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\filelist.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-0.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-1.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-10.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-11.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-12.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-13.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-14.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-15.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-16.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-17.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-18.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-19.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-2.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-20.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-21.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-22.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-23.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-3.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-4.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-5.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-6.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-7.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-8.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\RegTool\QuarantineW\2009-01-28 23-26-100\regb-9.db (Rogue.RegTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\blackdomain.list (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\btntrans.idx (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\btntrans1.dat (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\buttondir.txt (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\components.cdf (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\cursors.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\default.cdf (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_511745-514279.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_categorize.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_comparison.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_explorer-Mails.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_explorer-people.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_favorites.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_Games.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_Hide.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_hotbarcom.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_Hotmail.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_hsskin.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_Mails.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_new.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_premium.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_searchfor.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_searchgo.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_weather.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_yellowpages.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_1000.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_2000.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_3000.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_bar.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_bbar1.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_logos.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_other.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_weather.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\email-def-511724-548964.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\email-def-511724-9595.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\email-t1-bg.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\icons2.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\ie_games_icon.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\ie_video.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\keywords.idx (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\keywords1.dat (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\layout.cdf (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\linkpathlegal.txt (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\privatemode.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\private_mode.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\progress.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\sales_buttons.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\seekmo.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\seekmo_ie_menu.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\s_icons_buttons.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\t2_bg.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\theweb.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\top7.cdf (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\Top7_theweb.mnu (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\tsd_bg.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\1\weathericon.res (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\blackdomain.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\BtnTrans.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\BtnTrans1.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\buttondir.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\cursors.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\default.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_1000.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_2000.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_3000.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_bar.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_bbar1.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_logos.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_other.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_weather.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\email-t1-bg.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\icons2.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\ie_games_icon.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\ie_video.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\keywords.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\keywords1.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\layout.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\linkpathlegal.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\private_mode.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\progress.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\sales_buttons.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\samplegroups2.txt (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\samplegroups2.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\seekmo.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\seekmo_ie_menu.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\s_icons_buttons.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\t2_bg.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\top7.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\tsd_bg.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\weathericon.xip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\Weather\WeatherStartup.xml (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Lars\Application Data\Seekmo\Weather\Weather_XML\General (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA.dat (Adware.Seekmo) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAAbout.mht (Adware.Seekmo) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAau.dat (Adware.Seekmo) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAEula.mht (Adware.Seekmo) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA_hpk.dat (Adware.Seekmo) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA_kyf.dat (Adware.Seekmo) -> Quarantined and deleted successfully. C:\Programmer\Seekmo\bin\11.0.96.0\copyright.txt (Adware.180Solutions) -> Quarantined and deleted successfully. C:\Programmer\Seekmo\bin\11.0.96.0\firefox\extensions\install.rdf (Adware.180Solutions) -> Quarantined and deleted successfully. C:\Programmer\Seekmo\bin\11.0.96.0\firefox\extensions\components\npclntax.xpt (Adware.180Solutions) -> Quarantined and deleted successfully. C:\Programmer\MBCom.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\Programmer\MBEngine.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\Programmer\mbruntime.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\Programmer\remove.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\Programmer\SteamboatApp.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully. C:\WINDOWS\Tasks\RegTool Scan.job (Rogue.RegTool) -> Quarantined and deleted successfully. Mvh. Lars Damgaard Jensen
[ Ignorer ] [ # 3 ] Magic Emeritus
11.03.2010 04:36:38 Administrator Supporter Emeritus Antal indlæg: 29177	Det tager godt nok lang tid med sådan en scanning. Enig, men det var da også en utrolig masse skrammel der blev fjernet der Så, lad os tjekke om der er mere der ligger og gemmer sig -> Hent Combofix, og gem den på dit skrivebord, som alg.exe: ComboFix Luk alle andre vinduer ned. Kør så combofix.exe, og følg anvisningerne. Du må ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse. Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt som ligger her C: Combofix txt Indholdet af denne fil må du gerne lægge herind NB. Før du sender logfilerne, beder vi dig om at fjerne enhvert P2P/fildelings program, hvis du har nogen, og dette inkluderer Torrent software, før vi renser computeren.
[ Ignorer ] [ # 4 ] Damgaard
11.03.2010 10:10:42 Antal indlæg: 31	Hej. Skal jeg deaktivere TDC sikkerhedspakke. Jeg kan ikke åbne sikkerhedspakken for at komme ind og deaktivere, tilføj/fjern programmer kan åbenbart heller ikke fjerne sikkerhedspakken. Mvh. Lars Damgaard jensen.
[ Ignorer ] [ # 5 ] Fromsej TeamSpywarefri
11.03.2010 10:15:04 Administrator Team Spywarefri Antal indlæg: 54701	Prøv bare Combofix alligevel. Signatur Member of “Alliance of Security Analysis Professionals” - Alle angaben wie immer “nur mit pistole” Græd du også over eventyret om smedens kat, da du var lille? http://www.spywarefri.dk/medarbejderne/ Nierne bomaye - You’ll never walk alone qui potest, obligatur
[ Ignorer ] [ # 6 ] Damgaard
11.03.2010 17:13:13 Antal indlæg: 31	Hej Spywarefri SÅ er jeg klar med en Combofix log. ComboFix 10-03-10.05 - Lars 11-03-2010 9:53.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.45.1030.18.3326.2741 [GMT 1:00] Kører fra: c:\documents and settings\Lars\Skrivebord\ComboFix.exe AV: TDC Sikkerhedspakke 8.01 On-access scanning enabled (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15} FW: TDC Sikkerhedspakke 8.01 enabled {D4747503-0346-49EB-9262-997542F79BF4} advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !! . ((((((((((((((((((((((((((((((((((((((( Andet, der er slettet ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Julie\Application Data\Desktopicon c:\documents and settings\Julie\Application Data\Desktopicon\config.ini c:\programmer\Mozilla Firefox\components\npclntax.xpt c:\windows\Downloaded Program Files\popcaploader.dll c:\windows\Downloaded Program Files\popcaploader.inf . ((((((((((((((((((((((((((((( Filer skabt fra 2010-02-11 til 2010-03-11 ))))))))))))))))))))))))))))))))))) . 2010-03-10 14:48 . 2010-03-10 14:48 ———— dc-h—w- c:\documents and settings\Lars\Lokale indstillinger\Application Data\{237893C1-591F-47E9-9771-FF1BC748C7F6} 2010-03-10 14:48 . 2010-03-10 14:48 ———— d——-w- c:\programmer\DanID 2010-03-10 14:48 . 2010-03-10 14:48 ———— d——-w- c:\documents and settings\Lars\Lokale indstillinger\Application Data\PackageAware 2010-03-10 05:39 . 2010-03-10 05:39 5115823 ——a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes’ Anti-Malware\mbam-setup.exe 2010-03-10 05:38 . 2010-03-10 05:38 ———— d——-w- c:\documents and settings\Lars\Application Data\Malwarebytes 2010-03-10 05:38 . 2010-01-07 15:07 19160 ——a-w- c:\windows\system32\drivers\mbam.sys 2010-03-10 05:38 . 2010-01-07 15:07 38224 ——a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-10 05:38 . 2010-03-10 05:39 ———— d——-w- c:\programmer\Malwarebytes’ Anti-Malware 2010-03-10 05:38 . 2010-03-10 05:38 ———— d——-w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-03-09 17:44 . 2004-08-27 12:00 5632 -c—a-w- c:\windows\system32\dllcache\kbda3.dll 2010-03-08 22:41 . 2008-04-14 16:05 116224 -c—a-w- c:\windows\system32\dllcache\xrxwiadr.dll 2010-03-08 22:40 . 2004-08-03 21:29 23615 -c—a-w- c:\windows\system32\dllcache\wch7xxnt.sys 2010-03-08 22:39 . 2001-08-17 20:28 794399 -c—a-w- c:\windows\system32\dllcache\usr1806v.sys 2010-03-08 22:38 . 2001-10-04 16:07 440576 -c—a-w- c:\windows\system32\dllcache\tridkb.dll 2010-03-08 22:37 . 2001-10-04 16:07 172768 -c—a-w- c:\windows\system32\dllcache\t2r4disp.dll 2010-03-08 22:36 . 2001-08-17 20:51 61824 -c—a-w- c:\windows\system32\dllcache\speed.sys 2010-03-08 22:35 . 2001-10-04 16:07 28160 -c—a-w- c:\windows\system32\dllcache\sm91w.dll 2010-03-08 22:34 . 2001-08-17 20:52 11648 -c—a-w- c:\windows\system32\dllcache\scsiprnt.sys 2010-03-08 22:33 . 2001-08-17 19:12 19017 -c—a-w- c:\windows\system32\dllcache\rtl8029.sys 2010-03-08 22:32 . 2001-10-04 16:07 5632 -c—a-w- c:\windows\system32\dllcache\ptpusb.dll 2010-03-08 22:31 . 2004-08-03 21:31 29502 -c—a-w- c:\windows\system32\dllcache\pca200e.sys 2010-03-08 22:30 . 2001-08-17 20:53 7552 -c—a-w- c:\windows\system32\dllcache\nsmmc.sys 2010-03-08 22:29 . 2001-08-17 19:50 103296 -c—a-w- c:\windows\system32\dllcache\mtxvideo.sys 2010-03-08 22:28 . 2004-08-03 21:39 20864 -c—a-w- c:\windows\system32\dllcache\lwadihid.sys 2010-03-08 22:27 . 2001-10-04 16:07 90200 -c—a-w- c:\windows\system32\dllcache\io8ports.dll 2010-03-08 22:26 . 2001-08-17 20:28 488383 -c—a-w- c:\windows\system32\dllcache\hsf_v124.sys 2010-03-08 22:26 . 2001-08-17 20:28 50751 -c—a-w- c:\windows\system32\dllcache\hsf_tone.sys 2010-03-08 22:26 . 2001-08-17 20:28 73279 -c—a-w- c:\windows\system32\dllcache\hsf_spkp.sys 2010-03-08 22:26 . 2001-08-17 20:28 44863 -c—a-w- c:\windows\system32\dllcache\hsf_soar.sys 2010-03-08 22:26 . 2001-08-17 20:28 57471 -c—a-w- c:\windows\system32\dllcache\hsf_samp.sys 2010-03-08 22:26 . 2001-08-17 20:28 542879 -c—a-w- c:\windows\system32\dllcache\hsf_msft.sys 2010-03-08 22:26 . 2001-08-17 20:28 391199 -c—a-w- c:\windows\system32\dllcache\hsf_k56k.sys 2010-03-08 22:26 . 2001-10-04 16:07 9759 -c—a-w- c:\windows\system32\dllcache\hsf_inst.dll 2010-03-08 22:26 . 2001-08-17 20:28 115807 -c—a-w- c:\windows\system32\dllcache\hsf_fsks.sys 2010-03-08 22:26 . 2001-08-17 20:28 199711 -c—a-w- c:\windows\system32\dllcache\hsf_faxx.sys 2010-03-08 22:26 . 2001-08-17 20:28 289887 -c—a-w- c:\windows\system32\dllcache\hsf_fall.sys 2010-03-08 22:26 . 2001-08-17 20:28 67167 -c—a-w- c:\windows\system32\dllcache\hsf_bsc2.sys 2010-03-08 22:26 . 2001-08-17 20:28 150239 -c—a-w- c:\windows\system32\dllcache\hsf_amos.sys 2010-03-08 11:40 . 2008-04-14 15:38 28416 -c—a-w- c:\windows\system32\dllcache\grserial.sys 2010-03-08 11:39 . 2004-08-03 21:32 137088 -c—a-w- c:\windows\system32\dllcache\essm2e.sys 2010-03-08 11:38 . 2008-04-13 18:40 8320 -c—a-w- c:\windows\system32\dllcache\dlttape.sys 2010-03-08 11:37 . 2001-10-04 16:07 216064 -c—a-w- c:\windows\system32\dllcache\cpscan.dll 2010-03-08 11:36 . 2001-10-04 16:07 41472 -c—a-w- c:\windows\system32\dllcache\brmfusb.dll 2010-03-08 11:35 . 2001-10-04 16:07 66048 -c—a-w- c:\windows\system32\dllcache\s3legacy.dll 2010-03-08 11:22 . 2010-03-08 11:22 ———— d——-w- c:\documents and settings\Lars\Application Data\Uniblue 2010-03-08 11:22 . 2010-03-08 11:22 ———— d——-w- c:\programmer\Uniblue 2010-03-02 23:46 . 2010-03-02 23:46 ———— d——-w- c:\programmer\BC Catering Grossisten 2010-03-02 14:33 . 2010-03-02 15:13 ———— d——-w- c:\programmer\Det Afskyelige Spejl 2010-03-01 15:24 . 2010-03-01 15:24 ———— d——-w- c:\documents and settings\Trine\Lokale indstillinger\Application Data\Apple 2010-02-23 05:33 . 2010-02-23 05:34 ———— d——-w- C:\0b43b7ef1e1602f16dbf2e0e 2010-02-23 05:32 . 2010-02-23 05:33 ———— d——-w- C:\e88f6f19df6061a206 2010-02-22 15:35 . 2010-02-22 15:35 ———— d——-w- c:\programmer\iPod 2010-02-22 15:29 . 2010-02-22 15:29 72488 ——a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe 2010-02-19 23:47 . 2010-02-19 23:47 3604480 ——a-w- c:\windows\system32\GPhotos.scr . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-11 09:04 . 2009-02-01 17:33 ———— d——-w- c:\documents and settings\Lars\Application Data\Skype 2010-03-11 07:09 . 2009-02-01 17:39 ———— d——-w- c:\documents and settings\Lars\Application Data\skypePM 2010-03-10 14:59 . 2009-02-01 18:11 41712 ——a-w- c:\documents and settings\Trine\Lokale indstillinger\Application Data\GDIPFONTCACHEV1.DAT 2010-03-10 05:30 . 2009-12-18 13:46 ———— d——-w- c:\programmer\CCleaner 2010-03-09 17:49 . 2009-01-31 15:46 41712 ——a-w- c:\documents and settings\Lars\Lokale indstillinger\Application Data\GDIPFONTCACHEV1.DAT 2010-03-09 15:23 . 2009-02-04 13:55 ———— d——-w- c:\documents and settings\Cecilie\Application Data\Skype 2010-03-09 14:13 . 2009-04-11 15:25 1 ——a-w- c:\documents and settings\Cecilie\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-03-08 18:39 . 2009-02-04 14:01 ———— d——-w- c:\documents and settings\Cecilie\Application Data\skypePM 2010-03-07 15:51 . 2009-02-10 17:15 1 ——a-w- c:\documents and settings\Julie\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-02-23 05:33 . 2009-05-31 22:57 ———— d——-w- c:\programmer\Windows Media Connect 2 2010-02-22 15:35 . 2009-12-24 20:32 ———— d——-w- c:\programmer\iTunes 2010-02-22 15:35 . 2009-10-25 19:54 ———— d——-w- c:\programmer\Fælles filer\Apple 2010-02-22 15:33 . 2009-10-25 19:55 ———— d——-w- c:\programmer\QuickTime 2010-02-17 21:46 . 2009-12-19 21:58 ———— d——-w- c:\documents and settings\Lars\Application Data\DivX 2010-02-16 21:38 . 2009-02-19 22:02 1 ——a-w- c:\documents and settings\Lars\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-02-15 09:29 . 2009-11-17 12:28 ———— d——-w- c:\documents and settings\All Users\Application Data\NOS 2010-02-08 23:06 . 2009-02-09 16:02 ———— d——-w- c:\programmer\Google 2010-02-06 10:28 . 2009-01-31 18:43 ———— d——-w- c:\programmer\Fælles filer\Adobe 2010-01-24 21:59 . 2010-01-24 22:25 253844 ——a-w- c:\windows\pchealth\helpctr\Config\Cache\Professional_32_1030.dat 2010-01-21 12:24 . 2009-06-21 18:19 ———— d——-w- c:\programmer\Microsoft Silverlight 2010-01-18 07:02 . 2010-01-18 07:02 ———— d——-w- c:\documents and settings\All Users\Application Data\PopCap 2010-01-08 16:03 . 2009-04-23 19:09 1 ——a-w- c:\documents and settings\Trine\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-01-05 16:59 . 2010-01-05 16:26 20 ——a-w- c:\windows\popcinfot.dat 2009-12-31 16:50 . 2004-08-27 12:00 353792 ——a-w- c:\windows\system32\drivers\srv.sys 2009-12-24 14:57 . 2009-03-02 19:11 1 ——a-w- c:\documents and settings\Simone\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2009-12-22 18:39 . 2009-12-22 18:39 922112 ———w- c:\windows\system32\imapi2fs.dll 2009-12-22 18:39 . 2009-12-22 18:39 426496 ———w- c:\windows\system32\imapi2.dll 2009-12-21 19:08 . 2004-08-27 12:00 916480 ——a-w- c:\windows\system32\wininet.dll 2009-12-18 14:43 . 2009-12-18 14:43 0 ——a-w- c:\windows\nsreg.dat 2009-12-18 13:42 . 2009-01-31 22:54 1984 ——a-w- c:\windows\system32\d3d9caps.dat 2009-12-17 07:41 . 2009-01-27 21:52 344576 ——a-w- c:\windows\system32\mspaint.exe 2009-12-14 07:09 . 2004-08-27 12:00 33280 ——a-w- c:\windows\system32\csrsrv.dll 2009-10-06 18:21 . 2009-10-06 18:21 13229 ——a-w- c:\programmer\Furnish Pro uninstal.log 2009-08-28 12:49 . 2009-02-11 14:38 223133 ——a-w- c:\programmer\log.txt 2009-08-28 12:48 . 2009-02-11 14:38 356197 ——a-w- c:\programmer\steamboat.log 2009-08-28 12:48 . 2009-02-11 15:47 41909 ——a-w- c:\programmer\savedgame4.ini 2009-08-28 12:48 . 2009-02-11 14:40 189 ——a-w- c:\programmer\SGDB.ini 2009-02-11 15:47 . 2009-02-11 15:47 41509 ——a-w- c:\programmer\savedgame2.ini 2009-02-11 15:46 . 2009-02-11 15:44 41676 ——a-w- c:\programmer\savedgame8.ini 2009-02-11 15:41 . 2009-02-11 14:42 41869 ——a-w- c:\programmer\savedgame7.ini 2009-02-11 14:39 . 2009-02-11 14:37 594088 ——a-w- c:\programmer\DeIsL1.isu 2001-06-28 23:13 . 2009-02-11 14:38 295 ——a-w- c:\programmer\engine.ini 2001-06-28 23:13 . 2009-02-11 14:38 12432 ——a-w- c:\programmer\steamboat.ini 2001-06-26 17:06 . 2009-02-11 14:38 905960 ——a-w- c:\programmer\Mickey3D.hlp 2001-05-29 18:38 . 2009-02-11 14:38 2753536 ——a-w- c:\programmer\MBEngine.pdb 2001-05-29 18:38 . 2009-02-11 14:37 189440 ——a-w- c:\programmer\MBCom.pdb 2001-05-29 18:38 . 2009-02-11 14:38 304128 ——a-w- c:\programmer\mbruntime.pdb 2001-05-29 18:38 . 2009-02-11 14:38 4047872 ——a-w- c:\programmer\SteamboatApp.pdb 2001-05-29 18:38 . 2009-02-11 14:38 77915 ——a-w- c:\programmer\Steamboat.exe 2001-05-29 18:38 . 2009-02-11 14:38 295936 ——a-w- c:\programmer\Steamboat.pdb 2001-05-24 20:48 . 2009-02-11 14:37 40960 ——a-w- c:\programmer\M3DOptions.exe . ((((((((((((((((((((((((((((((((((( Start steder i reg.basen )))))))))))))))))))))))))))))))))))))))))))))))) . . Bemærk tomme linier & lovlige standard linier vises ikke REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “Skype”=“c:\programmer\Skype\Phone\Skype.exe” [2008-11-18 21633320] “msnmsgr”=“c:\progra~1\WI1F86~1\MESSEN~1\msnmsgr.exe” [2009-07-26 3883856] “Advanced SystemCare 3”=“c:\programmer\IObit\Advanced SystemCare 3\AWC.exe” [2009-11-20 2335880] “swg”=“c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2010-01-08 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “F-Secure TNB”=“c:\programmer\TDCSikkerhedspakke\FSGUI\TNBUtil.exe” [2008-12-04 957024] “HP Component Manager”=“c:\programmer\HP\hpcoretech\hpcmpmgr.exe” [2004-05-12 241664] “SoundMAXPnP”=“c:\programmer\Analog Devices\Core\smax4pnp.exe” [2009-01-31 868352] “NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2008-12-25 13680640] “nwiz”=“nwiz.exe” [2008-12-25 1657376] “NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2008-12-25 86016] “PCSuiteTrayApplication”=“c:\programmer\Nokia\Nokia PC Suite 6\LaunchApplication.exe” [2007-06-18 271360] “Adobe Reader Speed Launcher”=“c:\programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2009-10-03 35696] “Adobe ARM”=“c:\programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe” [2009-09-04 935288] “SunJavaUpdateSched”=“c:\programmer\Java\jre6\bin\jusched.exe” [2009-10-11 149280] “QuickTime Task”=“c:\programmer\QuickTime\qttask.exe” [2009-11-10 417792] “iTunesHelper”=“c:\programmer\iTunes\iTunesHelper.exe” [2010-02-15 141608] “WinVNC”=“c:\programmer\TightVNC\WinVNC.exe” [2009-03-05 585728] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“c:\windows\system32\CTFMON.EXE” [2008-04-14 15360] “Nokia.PCSync”=“c:\programmer\Nokia\Nokia PC Suite 6\PcSync2.exe” [2007-06-19 1241088] c:\documents and settings\Trine\Menuen Start\Programmer\Start\ OpenOffice.org 3.0.lnk - c:\programmer\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216] c:\documents and settings\Cecilie\Menuen Start\Programmer\Start\ OpenOffice.org 3.0.lnk - c:\programmer\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216] c:\documents and settings\Julie\Menuen Start\Programmer\Start\ OpenOffice.org 3.0.lnk - c:\programmer\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216] c:\documents and settings\Simone\Menuen Start\Programmer\Start\ OpenOffice.org 3.0.lnk - c:\programmer\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216] c:\documents and settings\All Users\Menuen Start\Programmer\Start\ HP Digital Imaging Monitor.lnk - c:\programmer\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664] HP Image Zone Hurtig start.lnk - c:\programmer\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-28 53248] [HKLM\~\startupfolder\C:^Documents and Settings^Lars^Menuen Start^Programmer^Start^OpenOffice.org 3.0.lnk] path=c:\documents and settings\Lars\Menuen Start\Programmer\Start\OpenOffice.org 3.0.lnk backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Lars^Menuen Start^Programmer^Start^Thoosje Sidebar.lnk] path=c:\documents and settings\Lars\Menuen Start\Programmer\Start\Thoosje Sidebar.lnk backup=c:\windows\pss\Thoosje Sidebar.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] “gusvc”=2 (0x2) “gupdate1c98d2cd3c8ccc”=2 (0x2) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] “EnableFirewall”= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] “%windir%\\system32\\sessmgr.exe”= “%windir%\\Network Diagnostic\\xpnetdiag.exe”= “c:\\Programmer\\Messenger\\msmsgs.exe”= “c:\\Programmer\\SonicWALL\\SonicWALL Global VPN Client\\SWGVpnClient.exe”= “c:\\Programmer\\Bonjour\\mDNSResponder.exe”= “c:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe”= “c:\\Programmer\\Windows Live\\Sync\\WindowsLiveSync.exe”= “c:\\Programmer\\iTunes\\iTunes.exe”= “c:\\Programmer\\Skype\\Phone\\Skype.exe”= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] “3389:TCP”= 3389:TCP:@xpsp2res.dll,-22009 “4100:UDP”= 4100:UDP:uPNP Router Control Port R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [31-01-2009 15:04 33920] R1 F-Secure HIPS;F-Secure HIPS Driver;c:\programmer\TDCSikkerhedspakke\HIPS\drivers\fshs.sys [31-01-2009 15:03 67808] R1 RCFOX;SonicWALL IPsec Driver;c:\windows\system32\drivers\RCFOX.SYS [16-04-2009 06:45 86552] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [02-08-2009 13:48 54752] S3 FSORSPClient;F-Secure ORSP Client;c:\programmer\TDCSikkerhedspakke\ORSP Client\fsorsp.exe [31-01-2009 15:03 55904] S3 fsssvc;Windows Live-tjenesten Family Safety;c:\programmer\Windows Live\Family Safety\fsssvc.exe [05-08-2009 22:48 704864] S3 rcvpn;SonicWALL VPN Adapter;c:\windows\system32\drivers\rcvpn.sys [16-04-2009 06:44 24876] S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [25-10-2009 20:54 40448] S4 gupdate1c98d2cd3c8ccc;Google Update Service (gupdate1c98d2cd3c8ccc);c:\programmer\Google\Update\GoogleUpdate.exe [12-02-2009 17:07 133104] . Indhold af mappen ‘Planlagte Opgaver’ 2010-03-08 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programmer\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2010-03-11 c:\windows\Tasks\Google Software Updater.job - c:\programmer\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-09 07:27] 2010-03-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programmer\Google\Update\GoogleUpdate.exe [2009-02-12 16:07] 2010-03-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programmer\Google\Update\GoogleUpdate.exe [2009-02-12 16:07] 2010-03-07 c:\windows\Tasks\SmartDefrag.job - c:\programmer\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-09-02 07:22] 2010-03-11 c:\windows\Tasks\User_Feed_Synchronization-{D0366365-4C13-4432-A8C3-27A01332389F}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ———- Yderligere scanning———- . IE: Add to Google Photos Screensa&ver; - c:\windows\system32\GPhotos.scr/200 IE: Google Sidewiki ... - c:\programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html LSP: c:\programmer\TDCSikkerhedspakke\FSPS\program\FSLSP.DLL Trusted Zone: danid.dk Trusted Zone: danid.dk DPF: {304171C0-65EA-4B51-B5D9-93A311E26EB1} - hxxp://192.168.100.52/cgi-bin/MxPEG_ActiveX.cab?dummy=2649499 FF - ProfilePath - c:\documents and settings\Lars\Application Data\Mozilla\Firefox\Profiles\1q7dgroj.default\ FF - plugin: c:\programmer\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\programmer\Google\Picasa3\npPicasa3.dll FF - plugin: c:\programmer\Google\Update\1.2.183.17\npGoogleOneClick8.dll FF - plugin: c:\programmer\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ——FIREFOX POLITIKKER—— c:\programmer\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref(“browser.fixup.alternate.suffix”, “.dk”); . - - - - TOMME GENVEJE FJERNET - - - - AddRemove-KB923789 - c:\windows\system32\MacroMed\Flash\genuinst.exe ************************************************************************ scanner skjulte processer ... scanner skjulte autostarter ... scanner skjulte filer ... scanning gennemført med succes skjulte filer: ************************************************************************ . ——————————- DLLs startet under kørende Processer——————————- - - - - - - - > ‘lsass.exe’(1068) c:\programmer\TDCSikkerhedspakke\FSPS\program\FSLSP.DLL . Gennemført tid: 2010-03-11 10:05:15 ComboFix-quarantined-files.txt 2010-03-11 09:05 Pre-Kørsel: 147.159.257.088 byte ledig Post-Kørsel: 152.888.041.472 byte ledig - - End Of File - - 72E75E0ACA8B7C0FB4A5A0E7E3789A70
[ Ignorer ] [ # 7 ] Fromsej TeamSpywarefri
11.03.2010 18:42:25 Administrator Team Spywarefri Antal indlæg: 54701	Det ser fint ud, er dit problem løst? Signatur Member of “Alliance of Security Analysis Professionals” - Alle angaben wie immer “nur mit pistole” Græd du også over eventyret om smedens kat, da du var lille? http://www.spywarefri.dk/medarbejderne/ Nierne bomaye - You’ll never walk alone qui potest, obligatur
[ Ignorer ] [ # 8 ] Damgaard
11.03.2010 20:16:45 Antal indlæg: 31	Hej igen. Jeg kan stadig ikke starte media player, søgefunktion er stadig blank, internetsider vises stadig ikke rigtigt når jeg bruger IE, det går fint med firefox. Når jeg forsøger at registrere jscript.dll (regsvr32 jscript.dll i kør) får jeg følgende svar “DllRegisterServer i jscript.dll mislykkedes. Returkoden var: 0x80004005. Det gik fint med at registrere vbscript.dll. Hvis i har andre forslag er jeg selvfølgelig meget interesseret. Mvh. Lars Damgaard Jensen.
[ Ignorer ] [ # 9 ] Fromsej TeamSpywarefri
12.03.2010 09:07:07 Administrator Team Spywarefri Antal indlæg: 54701	Umiddelbart ville jeg køre en Repair: http://www.fromsej.dk/Vejledninger/html/repairvej.htm Lav backup af dine vigtige ting først, det kan gå galt. Signatur Member of “Alliance of Security Analysis Professionals” - Alle angaben wie immer “nur mit pistole” Græd du også over eventyret om smedens kat, da du var lille? http://www.spywarefri.dk/medarbejderne/ Nierne bomaye - You’ll never walk alone qui potest, obligatur
[ Ignorer ] [ # 10 ] Damgaard
16.03.2010 20:08:33 Antal indlæg: 31	Hej igen. Jeg opgav det med en repair, jeg fik ikke klistret ægthedsbevisen på min PC da jeg installerede XP, så nu er min produktnøgle væk, det kan jeg kun takke mig selv for. Nu har jeg så besluttet at installere Windows 7 istedet. Der er vist kun tilbage at sige mange tak for jeres hjælp, den rensning var sandelig tiltrængt. Mvh. Lars Damgaard Jensen.
[ Ignorer ] [ # 11 ] Fromsej TeamSpywarefri
16.03.2010 21:09:54 Administrator Team Spywarefri Antal indlæg: 54701	Du kan finde din produktnøgle med Magicjellybean. http://www.magicaljellybean.com/keyfinder/ Men det skal nu ikke afholde dig fra at købe Win 7. Signatur Member of “Alliance of Security Analysis Professionals” - Alle angaben wie immer “nur mit pistole” Græd du også over eventyret om smedens kat, da du var lille? http://www.spywarefri.dk/medarbejderne/ Nierne bomaye - You’ll never walk alone qui potest, obligatur
[ Ignorer ] [ # 12 ] Damgaard
17.03.2010 08:42:12 Antal indlæg: 31	Hej. Det vil jeg prøve iaften når jeg kommer hjem.