Hi Fromsej, thank you for your very thorough instructions for that ComboFix.
Here is the log:
ComboFix 10-03-17.07 - ego 18-03-2010 15:36:05.1.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.45.1030.18.958.499 [GMT 1:00]
Kører fra: c:\documents and settings\ego\Skrivebord\Combofix\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\ego\Skrivebord\Combofix\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\ego\Application Data\ezpinst.log
c:\documents and settings\ego\Application Data\inst.exe
c:\windows\system32\autorun.ini
.
((((((((((((((((((((((((((((( Filer skabt fra 2010-02-18 til 2010-03-18 )))))))))))))))))))))))))))))))))))
.
2010-03-17 17:46 . 2010-03-17 17:46 -------- d-----w- c:\programmer\Realtek AC97
2010-03-16 15:48 . 2010-03-16 15:48 -------- d--h--w- c:\windows\ie8
2010-03-16 14:27 . 2010-03-16 14:27 -------- d-----w- c:\programmer\Ashampoo
2010-03-14 21:26 . 2010-03-14 21:26 -------- d-----w- c:\programmer\Auslogics
2010-03-11 21:41 . 2010-03-11 21:41 -------- d-----w- c:\windows\system32\wbem\Repository
2010-03-11 20:57 . 2010-03-11 20:57 -------- d-----w- C:\Softpaq
2010-03-10 14:34 . 2010-03-10 14:34 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-03-10 07:23 . 2009-10-23 15:28 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-03-05 14:59 . 2010-03-05 14:59 -------- d-----w- C:\WEBBANK
2010-03-03 08:23 . 2010-03-03 08:23 -------- d-----w- c:\documents and settings\ego\Lokale indstillinger\Application Data\ashampoo
2010-03-03 08:23 . 2010-03-03 08:23 -------- d-----w- c:\documents and settings\All Users\Application Data\ashampoo
2010-03-03 08:19 . 2010-03-03 08:19 -------- d-----w- c:\documents and settings\ego\Application Data\Ashampoo
2010-03-03 01:18 . 2010-03-03 01:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Elaborate Bytes
2010-03-02 18:48 . 2010-03-02 18:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Canneverbe Limited
2010-03-02 18:48 . 2009-11-12 12:48 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2010-03-02 18:48 . 2010-03-02 18:48 -------- d-----w- c:\programmer\CDBurnerXP
2010-03-02 18:28 . 2010-03-02 18:28 -------- d-----w- c:\documents and settings\All Users\Application Data\page
2010-03-01 14:58 . 2009-05-07 07:04 157712 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2010-03-01 14:01 . 2010-03-09 11:12 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-03-01 14:01 . 2010-03-09 11:08 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-03-01 14:01 . 2010-03-09 11:12 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-03-01 14:01 . 2010-03-09 11:09 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-03-01 14:01 . 2010-03-09 11:08 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-03-01 14:01 . 2010-03-09 11:08 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-03-01 14:01 . 2010-03-09 11:08 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-03-01 14:01 . 2010-03-09 11:24 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-03-01 14:01 . 2010-02-11 18:53 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-03-01 10:19 . 2010-03-01 10:19 -------- d-----w- c:\programmer\Alwil Software
2010-03-01 10:13 . 2010-03-01 10:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo
2010-03-01 10:13 . 2010-03-01 10:13 87104 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-03-01 10:13 . 2010-03-01 10:13 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-03-01 10:13 . 2010-03-01 10:13 171552 ----a-w- c:\windows\system32\guard32.dll
2010-03-01 10:13 . 2010-03-01 10:13 134344 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2010-03-01 10:13 . 2010-03-01 10:13 -------- d-----w- c:\programmer\COMODO
2010-02-21 18:16 . 2010-02-21 18:16 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-17 18:06 . 2005-01-26 18:34 1024 ---h--r- c:\windows\system32\NTIBUN4.dll
2010-03-17 18:03 . 2005-01-26 18:33 1024 ---h--r- c:\windows\system32\NTIMPEG2.dll
2010-03-17 18:03 . 2005-01-26 18:33 1024 ---h--r- c:\windows\system32\NTIMP3.dll
2010-03-17 18:03 . 2005-01-26 18:33 1024 ---h--r- c:\windows\system32\NTIFCD3.dll
2010-03-17 18:03 . 2005-01-26 18:33 1024 ---h--r- c:\windows\system32\NTICDMK7.dll
2010-03-17 18:03 . 2005-01-26 18:33 6144 ----a-w- c:\windows\system32\drivers\NTIDrvr.sys
2010-03-17 17:52 . 2010-02-06 15:38 80336 ----a-w- c:\windows\system32\perfc006.dat
2010-03-17 17:52 . 2010-02-06 15:38 451196 ----a-w- c:\windows\system32\perfh006.dat
2010-02-08 12:19 . 2010-02-08 12:19 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2010-02-08 12:19 . 2010-02-08 12:19 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2010-02-08 12:12 . 2010-02-08 12:12 -------- d-----w- c:\documents and settings\ego\Application Data\TeamViewer
2010-02-07 21:07 . 2010-02-07 21:07 -------- d-----w- c:\documents and settings\ego\Application Data\Auslogics
2010-01-26 18:20 . 2010-01-26 18:20 -------- d-----w- c:\programmer\Winamp Detect
2010-01-23 18:41 . 2010-01-23 18:41 503808 ----a-w- c:\documents and settings\ego\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7569c29a-n\msvcp71.dll
2010-01-23 18:41 . 2010-01-23 18:41 499712 ----a-w- c:\documents and settings\ego\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7569c29a-n\jmc.dll
2010-01-23 18:41 . 2010-01-23 18:41 348160 ----a-w- c:\documents and settings\ego\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7569c29a-n\msvcr71.dll
2010-01-23 18:41 . 2010-01-23 18:41 -------- d-----w- c:\programmer\Fælles filer\Java
2010-01-23 18:41 . 2010-01-23 18:41 61440 ----a-w- c:\documents and settings\ego\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-68a4431f-n\decora-sse.dll
2010-01-23 18:41 . 2010-01-23 18:41 12800 ----a-w- c:\documents and settings\ego\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-68a4431f-n\decora-d3d.dll
2010-01-23 18:41 . 2010-01-23 18:41 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-23 18:41 . 2010-01-23 18:41 -------- d-----w- c:\programmer\Java
2010-01-23 18:08 . 2010-01-23 18:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-01-23 18:01 . 2010-01-23 18:01 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-07 15:07 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-31 16:50 . 2008-12-11 10:57 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2009-12-21 19:08 916480 ----a-w- c:\windows\system32\wininet.dll
2009-02-24 20:34 . 2009-02-24 20:34 1044480 ----a-w- c:\programmer\mozilla firefox\plugins\libdivx.dll
2009-02-24 20:34 . 2009-02-24 20:34 200704 ----a-w- c:\programmer\mozilla firefox\plugins\ssldivx.dll
2005-10-24 10:13 . 2005-10-24 10:13 66560 --sha-r- c:\windows\MOTA113.exe
2005-06-26 14:32 . 2005-06-26 14:32 616448 --sha-r- c:\windows\system32\cygwin1.dll
2005-06-21 21:37 . 2005-06-21 21:37 45568 --sha-r- c:\windows\system32\cygz.dll
2004-01-24 23:00 . 2004-01-24 23:00 70656 --sha-r- c:\windows\system32\i420vfw.dll
2004-01-24 23:00 . 2004-01-24 23:00 70656 --sha-r- c:\windows\system32\yv12vfw.dll
2005-02-28 12:16 . 2005-02-28 12:16 240128 --sha-r- c:\windows\system32\x.264.exe
2005-07-14 11:31 . 2005-07-14 11:31 27648 --sha-r- c:\windows\system32\AVSredirect.dll
2008-04-14 17:05 . 2008-04-14 17:05 1695232 --sh--w- c:\windows\ServicePackFiles\i386\msmsgs.exe
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-27 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-27 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-27 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-27 455168]
"AGRSMMSG"="AGRSMMSG.exe" [2004-04-13 88363]
"nwiz"="nwiz.exe" [2005-11-11 1519616]
"AspireService"="c:\programmer\Acer\Acer eMode Management\AspireService.exe" [2005-09-29 114688]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 397312]
"ATICCC"="c:\programmer\ATI Technologies\ATI.ACE\cli.exe" [2005-08-06 61440]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-11-11 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-11-11 7311360]
"Malwarebytes' Anti-Malware"="c:\programmer\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-01-07 429392]
"Adobe Reader Speed Launcher"="c:\programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"SunJavaUpdateSched"="c:\programmer\Fælles filer\Java\Java Update\jusched.exe" [2010-01-11 246504]
"COMODO Internet Security"="c:\programmer\COMODO\COMODO Internet Security\cfp.exe" [2010-03-01 1800464]
"avast5"="c:\programmer\Alwil Software\Avast5\avastUI.exe" [2010-03-09 2769336]
"SoundMan"="SOUNDMAN.EXE" [2005-09-22 90112]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-01-07 15:07 429392 ----a-w- c:\programmer\Malwarebytes' Anti-Malware\mbamgui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaSync]
2005-09-21 12:48 425984 ----a-w- c:\programmer\Acer\Acer eConsole\MediaSync.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
2005-05-11 17:15 45056 ----a-w- c:\programmer\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 19:24 32768 ----a-w- c:\programmer\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=c:\programmer\Spybot - Search & Destroy\TeaTimer.exe
"MSMSGS"="c:\programmer\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"CloneCDTray"="c:\programmer\SlySoft\CloneCD\CloneCDTray.exe" /s
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"InCD"=c:\programmer\Ahead\InCD\InCD.exe
"QuickTime Task"="c:\programmer\QuickTime\qttask.exe" -atboottime
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"RemoteControl"=c:\programmer\CyberLink\PowerDVD\PDVDServ.exe
"VirtualCloneDrive"="c:\programmer\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"WinampAgent"=c:\programmer\Winamp\winampa.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\PRG.SET'UPS\\PRG-SET-UP's\\utorrent.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [01-03-2010 15:01 162640]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [01-03-2010 11:13 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [01-03-2010 11:13 25160]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [01-03-2010 15:01 19024]
R2 Digital Music Software: Audio Transcoder update permissions manager. 1543.;Digital Music Software: Audio Transcoder update permissions manager. 1543.;c:\programmer\AudioTranscoder\updtr.exe -PermissionManagerRun--> c:\programmer\AudioTranscoder\updtr.exe -PermissionManagerRun [?]
R2 MBAMService;MBAMService;c:\programmer\Malwarebytes' Anti-Malware\mbamservice.exe [07-01-2010 16:07 236368]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [07-01-2010 16:07 19160]
.
Indhold af mappen 'Planlagte Opgaver'
2010-03-17 c:\windows\Tasks\Malwarebytes' Scheduled Update for ego.job
- c:\programmer\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 15:07]
.
.
------- Yderligere scanning -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = hxxp://pralerts.zonelabs.com/pralerts/pranalyze.jsp?PN=CLI+Application+(Command+Line+Interface)&VER=1.2.2044.224&FN=CLI.exe&Created=330608ef&Size=61440&MD5=0fa537e4e4729b97676ce68893e72dae&SKIMP=d2fe2873f4aff3290e2163d492c26fcd&&RIPA;=127.0.0.1&RP=1030&Connect=1&Pgmstatus=1&Zone=1&Keycode=j5hvqhisiu3s4he7bhx644bu4g0&Product=ZoneAlarm&ProductVersion=6.1.744.001&HU100=ZLN41191311044106-1023&DTST=56265&QSRC=1&OS=Windows+XP-5.1.2600-Service+Pack+2-SP&LANG=1030&CL=en&LICFLAG=1&OEM=1023&SKU=0&Mode=1
TCP: {01F659E5-8033-4259-973F-5D1919EB28D0} = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\documents and settings\ego\Application Data\Mozilla\Firefox\Profiles\pafvnqr7.default\
FF - prefs.js: browser.startup.homepage -
FF - plugin: c:\programmer\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLITIKKER ----
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmer\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmer\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmer\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - TOMME GENVEJE FJERNET - - - -
ShellExecuteHooks-{4F07DA45-8170-4859-9B5F-037EF2970034} - (no file)
MSConfigStartUp-AnyDVD - c:\programmer\SlySoft\AnyDVD\AnyDVD.exe
MSConfigStartUp-NBJ - c:\programmer\Ahead\Nero BackItUp\NBJ.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-18 15:43
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanner skjulte processer ...
scanner skjulte autostarter ...
scanner skjulte filer ...
scanning gennemført med succes
skjulte filer: 0
**************************************************************************
"ServiceDll"="%SystemRoot%\System32\dhcpcsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Digital Music Software: Audio Transcoder update permissions manager. 1543.]
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
[HKEY_USERS\S-1-5-21-3242847100-2614902147-801667920-1007\Software\Zepter Software\RegLib*1a1a1b96\AnyDVD/1]
"1"=dword:44f06344
"2"=dword:4511be7b
[HKEY_USERS\S-1-5-21-3242847100-2614902147-801667920-1007\Software\Zepter Software\RegLib*1a1a1b96\CloneDVD2/2]
"1"=dword:44f06373
"2"=dword:49316c1d
.
--------------------- DLLs startet under kørende Processer ---------------------
- - - - - - - > 'winlogon.exe'(568)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3032)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\programmer\Ahead\InCD\InCDsrv.exe
c:\programmer\Alwil Software\Avast5\AvastSvc.exe
c:\windows\AGRSMMSG.exe
c:\windows\SOUNDMAN.EXE
c:\programmer\Acer\Acer eConsole\MediaServerService.exe
c:\programmer\AudioTranscoder\updtr.exe
c:\programmer\Java\jre6\bin\jqs.exe
c:\programmer\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
c:\programmer\Alwil Software\Avast5\setup\avast.setup
.
**************************************************************************
.
Gennemført tid: 2010-03-18 15:46:21 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2010-03-18 14:46
Pre-Kørsel: 108.590.989.312 byte ledig
Post-Kørsel: 108.546.031.616 byte ledig
WindowsXP-KB310994-SP2-Home-BootDisk-DAN.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - D088E6A84AD76B3DCB8C6E5651EB11CE