Spywarefri Forum | Tekst flytter sig og programmer åbner

Tekst flytter sig og programmer åbner - af sig selv

[ Ignorer ] one4me
22.03.2010 05:07:53 Antal indlæg: 262	Hej. Jeg har netop oplevet et par ting på min computer, som jeg på ingen måde bryder mig om. Dels en sætning i et Word ark som markøren stod ud for, der pludselig bevægede sig flere linjer ned ad, af sig selv (rørte overhovedet ikke ved tastaturet), dels et program (E.M.P.T) som åbnede af sig selv. Jeg mener ikke dette under normale omstændigheder burde kunne lade sig gøre. Samtidig kan jeg ikke umiddelbart finde noget mistænkeligt. Jeg har scannet med både ‘Malwarebytes’ Anti-Malware’ og ‘SUPERAntiSpyware Professional’. Ingen af dem fandt noget som helst. Ud over førnævnte programmer benytter jeg ‘ESET NOD32’ og ‘Sunbelt Personal Firewall’. Her er en HijackThis log, som jeg vil blive glad hvis I vil kigge på ... På forhånd tak. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 04:04:16, on 22-03-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Programmer\Fælles filer\ArcSoft\Connection Service\Bin\ACService.exe C:\Programmer\ESET\ESET NOD32 Antivirus\ekrn.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Programmer\Java\jre6\bin\jqs.exe C:\Programmer\Microsoft Private Folder 1.0\PrfldSvc.exe C:\Programmer\Sunbelt Software\Personal Firewall\SbPFLnch.exe C:\Programmer\Sunbelt Software\Personal Firewall\SbPFSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\Explorer.EXE C:\Programmer\Analog Devices\Core\smax4pnp.exe C:\Programmer\ESET\ESET NOD32 Antivirus\egui.exe C:\Programmer\Fælles filer\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe C:\Programmer\Fælles filer\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmer\Eraser\eraser.exe C:\Programmer\Fælles filer\InstallShield\UpdateService\ISUSPM.exe C:\Programmer\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe C:\Programmer\PolderbitS\Recorder\Driver\PBDriverMonitor_uk.exe C:\Programmer\Windows Desktop Search\WindowsSearch.exe C:\Programmer\Sunbelt Software\Personal Firewall\SbPFCl.exe C:\Programmer\Internet Explorer\iexplore.exe C:\Programmer\Internet Explorer\iexplore.exe C:\Programmer\Internet Explorer\iexplore.exe C:\Programmer\Internet Explorer\iexplore.exe C:\Programmer\Internet Explorer\iexplore.exe C:\HijackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programmer\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmer\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [egui] “C:\Programmer\ESET\ESET NOD32 Antivirus\egui.exe” /hide /waitservice O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Programmer\Fælles filer\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [QuickTime Task] “C:\Programmer\QuickTime\qttask.exe” -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] “C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe” O4 - HKLM\..\Run: [TkBellExe] “C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe” -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] “C:\Programmer\Fælles filer\Java\Java Update\jusched.exe” O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Eraser] C:\Programmer\Eraser\eraser.exe -hide O4 - HKCU\..\Run: [ISUSPM] “C:\Programmer\Fælles filer\InstallShield\UpdateService\ISUSPM.exe” -scheduler O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘LOKAL TJENESTE’) O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘NETVÆRKSTJENESTE’) O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’) O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’) O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Programmer\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe O4 - Global Startup: PolderbitS Audio Driver Monitor.lnk = C:\Programmer\PolderbitS\Recorder\Driver\PBDriverMonitor_uk.exe O4 - Global Startup: Windows Search.lnk = C:\Programmer\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe O15 - Trusted Zone: http://.danid.dk O15 - Trusted Zone: http://.danid.dk (HKLM) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1263840647338 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1264474895531 O16 - DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} (Util Class) - https://danid.dk/csp/authenticode/csp.exe O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} (CBankshotZoneCtrl Class) - http://zone.msn.com/bingame/zpagames/zpa_pool.cab56649.cab O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/webgames/popcaploader_v10.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Programmer\Fælles filer\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Apache2.2 - Unknown owner - C:\PROGRA~1\EASYPH~1.1\Apache\bin\apache.exe (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Programmer\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Programmer\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: MySQL - Unknown owner - C:\PROGRA~1\EASYPH~1.1\MySql\bin\mysqld.exe (file missing) O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Programmer\Microsoft Private Folder 1.0\PrfldSvc.exe O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Programmer\Sunbelt Software\Personal Firewall\SbPFLnch.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Programmer\Sunbelt Software\Personal Firewall\SbPFSvc.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Programmer\Fælles filer\SureThing Shared\stllssvr.exe — End of file - 8549 bytes
[ Ignorer ] [ # 1 ] Magic Emeritus
22.03.2010 05:55:47 Administrator Supporter Emeritus Antal indlæg: 29177	Hej Lad os grave lidt dybere -> Hent Combofix, og gem den på dit skrivebord, som alg.exe: ComboFix Luk alle andre vinduer ned. Kør så combofix.exe, og følg anvisningerne. Du må ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse. Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt som ligger her C: Combofix txt Indholdet af denne fil må du gerne lægge herind. NB. Før du sender logfilerne, beder vi dig om at fjerne enhvert P2P/fildelings program, hvis du har nogen, og dette inkluderer Torrent software, før vi renser computeren
[ Ignorer ] [ # 2 ] one4me
22.03.2010 19:13:04 Antal indlæg: 262	Hej. Tak for svaret. Jeg har ingen fildelingsprogrammer installeret. Her er log’en ... ComboFix 10-03-21.05 - Navn 22-03-2010 17:58:27.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.45.1030.18.3070.2650 [GMT 1:00] Kører fra: c:\documents and settings\SLETTET BRUGERNAVN\Skrivebord\ComboFix.exe AV: ESET NOD32 Antivirus 4.0 On-access scanning disabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: Sunbelt Personal Firewall enabled {82B1150E-9B37-49FC-83EB-D52197D900D0} advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !! . ((((((((((((((((((((((((((((((((((((((( Andet, der er slettet ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\Downloaded Program Files\popcaploader.dll c:\windows\Downloaded Program Files\popcaploader.inf . ((((((((((((((((((((((((((((( Filer skabt fra 2010-02-22 til 2010-03-22 ))))))))))))))))))))))))))))))))))) . 2010-03-16 15:11 . 2010-03-16 15:11 ———— d——-w- c:\documents and settings\Navn\Application Data\Cryptomathic 2010-03-16 15:09 . 2010-03-16 15:09 ———— dc-h—w- c:\documents and settings\All Users\Application Data\{237893C1-591F-47E9-9771-FF1BC748C7F6} 2010-03-16 15:09 . 2009-09-23 06:42 3102072 -c—a-w- c:\documents and settings\All Users\Application Data\{237893C1-591F-47E9-9771-FF1BC748C7F6}\csp.exe 2010-03-16 15:09 . 2010-03-16 15:09 ———— d——-w- c:\programmer\DanID 2010-03-16 15:08 . 2010-03-16 15:08 ———— d——-w- c:\documents and settings\Navn\Lokale indstillinger\Application Data\PackageAware 2010-03-10 09:29 . 2010-03-16 16:16 0 ——a-w- c:\documents and settings\Navn\temp.dat 2010-03-10 09:29 . 2010-03-10 09:29 ———— d——-w- c:\documents and settings\Navn\.oces 2010-03-08 22:09 . 2010-03-08 22:10 ———— d——-w- c:\programmer\Fælles filer\Jasc Software Inc 2010-03-08 22:09 . 2010-03-08 22:09 ———— d——-w- c:\programmer\Jasc Software Inc 2010-03-08 22:09 . 2010-03-08 22:09 ———— d——-w- c:\documents and settings\Navn\Application Data\Jasc Software Inc 2010-03-08 20:41 . 2010-03-08 20:41 ———— d——-w- c:\programmer\Fælles filer\Java 2010-03-08 20:41 . 2010-03-08 20:41 503808 ——a-w- c:\documents and settings\Navn\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3cc085aa-n\msvcp71.dll 2010-03-08 20:41 . 2010-03-08 20:41 499712 ——a-w- c:\documents and settings\Navn\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3cc085aa-n\jmc.dll 2010-03-08 20:41 . 2010-03-08 20:41 348160 ——a-w- c:\documents and settings\Navn\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3cc085aa-n\msvcr71.dll 2010-03-08 20:41 . 2010-03-08 20:41 61440 ——a-w- c:\documents and settings\Navn\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-628ffebc-n\decora-sse.dll 2010-03-08 20:41 . 2010-03-08 20:41 12800 ——a-w- c:\documents and settings\Navn\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-628ffebc-n\decora-d3d.dll 2010-03-07 20:51 . 2010-02-12 10:03 293376 ———w- c:\windows\system32\browserchoice.exe 2010-03-01 00:51 . 2010-03-01 00:51 15827136 ——a-w- c:\programmer\EasyPHP-5.3.1-setup.exe 2010-02-28 18:49 . 2010-02-28 18:49 ———— d——-w- c:\documents and settings\All Users\Application Data\MumboJumbo 2010-02-28 18:43 . 2010-02-28 18:43 197968352 ——a-w- c:\programmer\luxor_adventures-setup.exe 2010-02-21 17:01 . 2010-02-21 17:01 ———— d——-w- c:\documents and settings\Navn\Application Data\Maguma Studio 2010-02-21 17:01 . 2010-02-21 17:01 ———— d——-w- c:\programmer\Maguma 2010-02-21 17:00 . 2010-02-21 17:01 2156107 ——a-w- c:\programmer\maguma_studio-1.3.4rc2-basic.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-22 11:05 . 2010-01-18 20:48 ———— d——-w- c:\programmer\Eraser 2010-03-19 19:21 . 2010-01-18 21:42 ———— d——-w- c:\documents and settings\Navn\Application Data\FileZilla 2010-03-17 20:20 . 2010-01-18 20:44 ———— d——-w- c:\programmer\UltimateZip 2007 2010-03-16 23:47 . 2008-04-14 23:00 91848 ——a-w- c:\windows\system32\perfc006.dat 2010-03-16 23:47 . 2008-04-14 23:00 482074 ——a-w- c:\windows\system32\perfh006.dat 2010-03-13 17:07 . 2010-01-18 23:41 ———— d—-a-w- c:\documents and settings\All Users\Application Data\TEMP 2010-03-08 20:40 . 2010-01-18 23:57 ———— d——-w- c:\programmer\Java 2010-03-01 20:35 . 2010-01-18 20:55 14 ——a-w- c:\windows\popcinfo.dat 2010-02-28 18:48 . 2010-01-18 23:37 ———— d——-w- c:\programmer\Oberon Media 2010-02-28 18:48 . 2010-01-18 23:37 ———— d——-w- c:\programmer\MSN Games 2010-02-26 00:36 . 2010-01-18 21:42 ———— d——-w- c:\programmer\FileZilla FTP Client 2010-02-18 22:44 . 2010-01-18 17:30 2293 ——a-w- c:\programmer\License.xbin 2010-02-18 22:12 . 2010-02-18 22:12 ———— d——-w- c:\documents and settings\Navn\Application Data\PlayFirst 2010-02-18 22:12 . 2010-02-18 22:12 ———— d——-w- c:\documents and settings\All Users\Application Data\PlayFirst 2010-02-18 22:06 . 2010-02-18 22:06 ———— d——-w- c:\documents and settings\Navn\Application Data\iWin 2010-02-09 23:40 . 2010-02-09 23:40 6386822 ——a-w- c:\programmer\riseofatlantisscreensaver.exe 2010-02-08 21:49 . 2010-02-08 21:49 ———— d——-w- c:\programmer\Fælles filer\Windows Live 2010-02-03 01:14 . 2010-02-03 01:13 ———— d——-w- c:\documents and settings\Navn\Application Data\ArcSoft 2010-02-03 01:10 . 2010-02-03 01:10 ———— d——-w- c:\programmer\Fælles filer\ArcSoft 2010-02-03 01:09 . 2010-02-03 01:09 ———— d——-w- c:\programmer\ArcSoft 2010-02-03 01:09 . 2010-01-18 16:13 ———— d—h—w- c:\programmer\InstallShield Installation Information 2010-02-01 13:46 . 2010-02-01 13:46 11919248 ——a-w- c:\programmer\AdventureInlay_msgh-setup.exe 2010-01-30 20:18 . 2010-01-30 20:18 ———— d——-w- c:\documents and settings\All Users\Application Data\PopCap 2010-01-27 22:30 . 2010-01-27 22:30 ———— d——-w- c:\documents and settings\All Users\Application Data\TERMINAL Studio 2010-01-27 01:24 . 2010-01-18 17:14 19456 ——a-w- c:\documents and settings\Navn\Lokale indstillinger\Application Data\GDIPFONTCACHEV1.DAT 2010-01-26 03:30 . 2010-01-26 03:30 ———— d——-w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage 2010-01-26 03:30 . 2010-01-26 03:30 ———— d——-w- c:\documents and settings\Navn\Application Data\Office Genuine Advantage 2010-01-26 03:23 . 2010-01-26 03:23 ———— d——-w- c:\programmer\Microsoft Silverlight 2010-01-26 01:52 . 2010-01-26 01:52 ———— d——-w- c:\programmer\Lavalys 2010-01-26 01:51 . 2010-01-26 01:51 4179293 ——a-w- c:\programmer\everesthome220.exe 2010-01-24 17:19 . 2010-01-24 17:19 ———— d——-w- c:\documents and settings\Navn\Application Data\Apple Computer 2010-01-23 22:46 . 2010-01-18 18:41 ———— d——-w- c:\programmer\FavOrg 2010-01-20 14:58 . 2010-01-20 14:58 203776 ——a-w- c:\windows\system32\clrviddc.dll 2010-01-20 04:45 . 2010-01-20 04:45 16974384 ——a-w- c:\programmer\Bubbletown-setup.exe 2010-01-19 03:43 . 2010-01-18 15:59 87263 ——a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-01-19 03:09 . 2010-01-19 00:37 22 ——a-w- c:\programmer\PTLE73_32851.zip 2010-01-19 00:13 . 2010-01-19 00:13 15442876 ——a-w- c:\programmer\klcodec561f.exe 2010-01-18 23:59 . 2010-01-18 23:59 1956528 ——a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player_ax.exe 2010-01-18 23:57 . 2010-01-18 23:57 152576 ——a-w- c:\documents and settings\Navn\Application Data\Sun\Java\jre1.6.0_17\lzma.dll 2010-01-18 23:56 . 2010-01-18 23:56 79488 ——a-w- c:\documents and settings\Navn\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll 2010-01-18 23:33 . 2010-01-18 23:33 5115823 ——a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes’ Anti-Malware\mbam-setup.exe 2010-01-18 21:58 . 2010-01-18 21:58 24 ——a-w- c:\windows\system32\Drv64_32.dat 2010-01-18 21:58 . 2010-01-18 21:58 350240 ——a-w- c:\windows\system32\PbsAuDrvPropPage_uk.dll 2010-01-18 21:58 . 2010-01-18 21:58 110752 ——a-w- c:\windows\system32\drivers\pbsaudrv.sys 2010-01-18 21:47 . 2010-01-18 21:47 499712 ——a-w- c:\windows\system32\msvcp71.dll 2010-01-18 21:47 . 2010-01-18 21:47 348160 ——a-w- c:\windows\system32\msvcr71.dll 2010-01-18 20:00 . 2010-01-18 20:00 144 ——a-w- c:\documents and settings\Navn\Lokale indstillinger\Application Data\fusioncache.dat 2010-01-18 18:32 . 2010-01-18 18:32 6000608 ——a-w- c:\programmer\sunbelt-personal-firewall.exe 2010-01-18 16:17 . 2010-01-18 16:17 0 ——a-w- c:\windows\ativpsrm.bin 2010-01-18 16:06 . 2010-01-18 16:06 45056 ——a-r- c:\documents and settings\Navn\Application Data\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe 2010-01-18 16:06 . 2010-01-18 16:06 10134 ——a-r- c:\documents and settings\Navn\Application Data\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\ARPPRODUCTICON.exe 2010-01-18 15:57 . 2010-01-18 15:57 21644 ——a-w- c:\windows\system32\emptyregdb.dat 2010-01-15 01:18 . 2010-01-18 17:30 108683400 ——a-w- c:\programmer\ghost_town_mysteries-setup.exe 2010-01-07 15:07 . 2010-01-18 23:30 38224 ——a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 15:07 . 2010-01-18 23:30 19160 ——a-w- c:\windows\system32\drivers\mbam.sys 2010-01-05 18:00 . 2010-01-19 00:16 85504 ——a-w- c:\windows\system32\ff_vfw.dll 2009-12-31 16:50 . 2008-04-14 23:00 353792 ——a-w- c:\windows\system32\drivers\srv.sys 2009-12-19 20:13 . 2010-01-18 17:30 21286648 ——a-w- c:\programmer\The_Rise_of_Atlantis-setup.exe 2009-12-18 19:58 . 2010-01-18 17:30 301347160 ——a-w- c:\programmer\murder_she_wrote_24351999-setup.exe 2009-11-28 17:13 . 2010-01-18 17:30 92593640 ——a-w- c:\programmer\zumas_revenge-setup.exe 2009-07-08 22:42 . 2010-01-18 17:30 31224320 ——a-w- c:\programmer\eav_nt32_dan.msi 2009-05-08 18:40 . 2010-01-18 17:30 171088 ——a-w- c:\programmer\dm_112472141710415213242.exe 2008-06-17 17:18 . 2010-01-18 17:30 6292504 ——a-w- c:\programmer\SUPERAntiSpywarePro1241.exe 2008-03-10 21:25 . 2010-01-18 17:30 1114094 ——a-w- c:\programmer\MSPF10ENU.rar 2008-03-10 21:24 . 2010-01-18 21:19 1448082 ——a-w- c:\programmer\acdc3223.exe 2007-10-03 21:35 . 2010-01-18 17:30 2963760 ——a-w- c:\programmer\ntp495full.exe 2007-10-01 15:07 . 2010-01-18 17:30 11701480 ——a-w- c:\programmer\GP5FULL.exe 2007-04-19 12:41 . 2010-01-18 17:30 26043880 ——a-w- c:\programmer\R56532.EXE 2007-01-20 00:27 . 2010-01-18 17:30 14542040 ——a-w- c:\programmer\Diskeeper2007-Home.exe 2007-01-07 15:26 . 2010-01-18 17:30 384512 ——a-w- c:\programmer\GraphPaperPrinter.exe 2007-01-07 14:50 . 2010-01-18 17:30 3616048 ——a-w- c:\programmer\UltimateZip3.1.exe 2007-01-07 05:19 . 2010-01-18 17:30 2694679 ——a-w- c:\programmer\eraser582setup.exe 2007-01-07 05:05 . 2010-01-18 17:30 3053544 ——a-w- c:\programmer\WinDynomite.exe 2007-01-07 03:28 . 2010-01-18 17:30 665732 ——a-w- c:\programmer\emptemp2.8.3.exe 2007-01-07 03:24 . 2010-01-18 17:30 4900399 ——a-w- c:\programmer\schmaili841.exe 2007-01-07 03:01 . 2010-01-18 17:30 508872 ——a-w- c:\programmer\favorg.zip 2007-01-07 02:59 . 2010-01-18 17:30 150192 ——a-w- c:\programmer\TweakUi.exe . ((((((((((((((((((((((((((((((((((( Start steder i reg.basen )))))))))))))))))))))))))))))))))))))))))))))))) . . Bemærk tomme linier & lovlige standard linier vises ikke REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “Eraser”=“c:\programmer\Eraser\eraser.exe” [2006-12-26 643072] “ISUSPM”=“c:\programmer\Fælles filer\InstallShield\UpdateService\ISUSPM.exe” [2006-09-11 218032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “SoundMAXPnP”=“c:\programmer\Analog Devices\Core\smax4pnp.exe” [2008-06-19 1044480] “egui”=“c:\programmer\ESET\ESET NOD32 Antivirus\egui.exe” [2009-05-14 2029640] “ArcSoft Connection Service”=“c:\programmer\Fælles filer\ArcSoft\Connection Service\Bin\ACDaemon.exe” [2007-10-11 31232] “QuickTime Task”=“c:\programmer\QuickTime\qttask.exe” [2009-11-10 417792] “Adobe Reader Speed Launcher”=“c:\programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2009-12-22 35760] “TkBellExe”=“c:\programmer\Fælles filer\Real\Update_OB\realsched.exe” [2010-01-18 198160] “SunJavaUpdateSched”=“c:\programmer\Fælles filer\Java\Java Update\jusched.exe” [2010-01-11 246504] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“c:\windows\system32\CTFMON.EXE” [2008-04-14 15360] c:\documents and settings\All Users\Menuen Start\Programmer\Start\ PHOTOfunSTUDIO -viewer-.lnk - c:\programmer\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe [2010-1-19 40960] PolderbitS Audio Driver Monitor.lnk - c:\programmer\PolderbitS\Recorder\Driver\PBDriverMonitor_uk.exe [2010-1-18 157728] Windows Search.lnk - c:\programmer\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] “{56F9679E-7826-4C84-81F3-532071A8BCC5}”= “c:\programmer\Windows Desktop Search\MSNLNamespaceMgr.dll” [2009-05-24 304128] “{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}”= “c:\programmer\SUPERAntiSpyware\SASSEH.DLL” [2006-12-20 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2007-04-19 11:41 294912 ——a-w- c:\programmer\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] “MIDI2”=diomidi.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] “EnableFirewall”= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] “%windir%\\Network Diagnostic\\xpnetdiag.exe”= “%windir%\\system32\\sessmgr.exe”= R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [18-01-2010 17:12 24064] R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14-05-2009 15:47 107256] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14-05-2009 15:49 94360] R1 SASDIFSV;SASDIFSV;c:\programmer\SUPERAntiSpyware\sasdifsv.sys [29-02-2008 16:03 8944] R1 SASKUTIL;SASKUTIL;c:\programmer\SUPERAntiSpyware\SASKUTIL.SYS [29-02-2008 16:03 51440] R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [18-01-2010 19:33 270888] R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21-06-2008 04:54 66600] R2 ekrn;ESET Service;c:\programmer\ESET\ESET NOD32 Antivirus\ekrn.exe [14-05-2009 15:47 731840] R2 Prvflder;Prvflder;c:\windows\system32\drivers\prvflder.sys [21-04-2006 08:22 70912] R2 SbPF.Launcher;SbPF.Launcher;c:\programmer\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31-10-2008 07:24 95528] R2 SPF4;Sunbelt Personal Firewall 4;c:\programmer\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31-10-2008 07:24 1365288] R3 k57w2k;Broadcom NetLink (TM) Gigabit Ethernet;c:\windows\system32\drivers\k57xp32.sys [18-01-2010 17:21 176640] R3 PbsAuDrv;PolderbitS Audio Driver;c:\windows\system32\drivers\pbsaudrv.sys [18-01-2010 22:58 110752] R3 SASENUM;SASENUM;c:\programmer\SUPERAntiSpyware\SASENUM.SYS [16-02-2006 16:51 4096] R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [18-01-2010 19:33 65576] S0 cerc6;cerc6; [x] S2 Apache2.2;Apache2.2;“c:\progra~1\EASYPH~1.1\Apache\bin\apache.exe” -k runservice—> c:\progra~1\EASYPH~1.1\Apache\bin\apache.exe [?] S3 dalwdmservice;dal service;c:\windows\system32\drivers\Dalwdm.sys [21-01-2010 19:51 107008] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] getPlusHelper REG_MULTI_SZ getPlusHelper . Indhold af mappen ‘Planlagte Opgaver’ 2010-03-22 c:\windows\Tasks\User_Feed_Synchronization-{50A100B3-4891-4015-ABA8-E15CB08BC359}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 03:31] . . ———- Yderligere scanning———- . uStart Page = hxxp://www.google.dk/ IE: E&ksporter; til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 Trusted Zone: danid.dk Trusted Zone: danid.dk DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} - hxxps://danid.dk/csp/authenticode/csp.exe . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-22 18:04 Windows 5.1.2600 Service Pack 3 NTFS scanner skjulte processer ... scanner skjulte autostarter ... scanner skjulte filer ... scanning gennemført med succes skjulte filer: 0 ************************************************************************ . ——————————- DLLs startet under kørende Processer——————————- - - - - - - - > ‘winlogon.exe’(992) c:\programmer\SUPERAntiSpyware\SASWINLO.dll c:\windows\system32\Ati2evxx.dll . Gennemført tid: 2010-03-22 18:06:25 ComboFix-quarantined-files.txt 2010-03-22 17:06 Pre-Kørsel: 138.420.109.312 byte ledig Post-Kørsel: 138.538.844.160 byte ledig - - End Of File - - E25E6D0A722246117A80615E50CAA0BC [ Rettet: 23.03.2010, 09:10 af Thomas Huulbæk ]
[ Ignorer ] [ # 3 ] one4me
22.03.2010 19:15:14 Antal indlæg: 262	SHIT! Nu troede jeg at jeg havde pillet mit navn ud alle steder. Fjern det venligst for mig!! På forhånd tak Man kan jo ikke selv rette i det her længere ... :/
[ Ignorer ] [ # 4 ] Thomas Huulbæk
23.03.2010 09:12:30 Redaktør Antal indlæg: 1265	Hermed rettet
[ Ignorer ] [ # 5 ] Magic Emeritus
23.03.2010 12:02:17 Administrator Supporter Emeritus Antal indlæg: 29177	Det ser egentlig godt nok ud, men jeg synes lige du skal køre en scanning mere, for at være helt sikker -> Download Lop S&D by Eric_71 og gem det på dit Skrivebord. http://eric.71.mespages.googlepages.com/lop.sd.en Klik på - Download knappen til venstre —Kør LopSD. Tast e - for Engelsk. Tryk Enter. Tast så 2 = (Fix + Hosts) Tryk Enter. Så kører scanningen. Lad programmet gennemføre en rensning. Når scanningen er færdig, ligger der en log fil her C:lopR txt, som du godt må kopiere ind i dit næste svar.
[ Ignorer ] [ # 6 ] one4me
23.03.2010 18:14:34 Antal indlæg: 262	——————————\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel Pentium III Xeon-processor ) BIOS : Phoenix ROM BIOS PLUS Version 1.10 A02 USER : Navn ( Administrator ) BOOT : Normal boot Antivirus : ESET NOD32 Antivirus 4.0 4.0 (Activated) Firewall : Sunbelt Personal Firewall 4.6.1861 T (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:148 Go (Free:129 Go) D:\ (Local Disk) - NTFS - Total:149 Go (Free:120 Go) E:\ (CD or DVD) “C:\Lop SD” ( MAJ : 19-12-2008\|23:40 ) Option : [2] ( 23-03-2010\|16:52 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ ——————————\\ Listing folders in APPLIC~1 [16-03-2010\|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{237893C1-591F-47E9-9771-FF1BC748C7F6} [20-01-2010\|15:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [18-01-2010\|22:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [18-01-2010\|22:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [18-01-2010\|20:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI [18-01-2010\|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU [19-01-2010\|00:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [19-01-2010\|00:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Dell [18-01-2010\|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET [19-01-2010\|00:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [19-01-2010\|00:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [08-02-2010\|22:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [28-02-2010\|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo [19-01-2010\|01:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS [26-01-2010\|04:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage [19-01-2010\|03:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PACE Anti-Piracy [18-02-2010\|23:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [30-01-2010\|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PopCap [18-01-2010\|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real [19-01-2010\|00:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic [08-03-2010\|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sun [18-01-2010\|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com [13-03-2010\|18:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [27-01-2010\|23:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TERMINAL Studio [19-01-2010\|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Uninstall [18-01-2010\|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [0\|fil(er)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\byte [28\|mappe(r)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\byte ledig [18-01-2010\|17:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [0\|fil(er)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\byte [3\|mappe(r)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\byte ledig [18-01-2010\|22:15] C:\DOCUME~1\Navn~1\APPLIC~1\ACD Systems [17-02-2010\|02:18] C:\DOCUME~1\Navn~1\APPLIC~1\Adobe [24-01-2010\|18:19] C:\DOCUME~1\Navn~1\APPLIC~1\Apple Computer [03-02-2010\|02:14] C:\DOCUME~1\Navn~1\APPLIC~1\ArcSoft [18-01-2010\|20:55] C:\DOCUME~1\Navn~1\APPLIC~1\ATI [18-01-2010\|23:27] C:\DOCUME~1\Navn~1\APPLIC~1\AVS4YOU [16-03-2010\|16:11] C:\DOCUME~1\Navn~1\APPLIC~1\Cryptomathic [19-01-2010\|00:03] C:\DOCUME~1\Navn~1\APPLIC~1\CyberLink [19-03-2010\|20:21] C:\DOCUME~1\Navn~1\APPLIC~1\FileZilla [18-01-2010\|17:04] C:\DOCUME~1\Navn~1\APPLIC~1\Identities [19-01-2010\|00:18] C:\DOCUME~1\Navn~1\APPLIC~1\InstallShield [18-02-2010\|23:06] C:\DOCUME~1\Navn~1\APPLIC~1\iWin [08-03-2010\|23:09] C:\DOCUME~1\Navn~1\APPLIC~1\Jasc Software Inc [19-01-2010\|00:59] C:\DOCUME~1\Navn~1\APPLIC~1\Macromedia [21-02-2010\|18:01] C:\DOCUME~1\Navn~1\APPLIC~1\Maguma Studio [19-01-2010\|00:30] C:\DOCUME~1\Navn~1\APPLIC~1\Malwarebytes [19-01-2010\|04:11] C:\DOCUME~1\Navn~1\APPLIC~1\Media Player Classic [19-02-2010\|15:42] C:\DOCUME~1\Navn~1\APPLIC~1\Microsoft [26-01-2010\|04:30] C:\DOCUME~1\Navn~1\APPLIC~1\Office Genuine Advantage [19-01-2010\|03:28] C:\DOCUME~1\Navn~1\APPLIC~1\PACE Anti-Piracy [19-01-2010\|00:16] C:\DOCUME~1\Navn~1\APPLIC~1\Panasonic [18-02-2010\|23:12] C:\DOCUME~1\Navn~1\APPLIC~1\PlayFirst [18-01-2010\|22:49] C:\DOCUME~1\Navn~1\APPLIC~1\Real [20-01-2010\|15:12] C:\DOCUME~1\Navn~1\APPLIC~1\Roxio [19-01-2010\|00:56] C:\DOCUME~1\Navn~1\APPLIC~1\Sun [18-01-2010\|21:32] C:\DOCUME~1\Navn~1\APPLIC~1\SUPERAntiSpyware.com [18-01-2010\|20:44] C:\DOCUME~1\Navn~1\APPLIC~1\Windows Desktop Search [19-01-2010\|04:06] C:\DOCUME~1\Navn~1\APPLIC~1\Windows Search [0\|fil(er)] C:\DOCUME~1\Navn~1\APPLIC~1\byte [30\|mappe(r)] C:\DOCUME~1\Navn~1\APPLIC~1\byte ledig [20-01-2010\|03:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [0\|fil(er)] C:\DOCUME~1\LOCALS~1\APPLIC~1\byte [3\|mappe(r)] C:\DOCUME~1\LOCALS~1\APPLIC~1\byte ledig [18-01-2010\|17:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [0\|fil(er)] C:\DOCUME~1\NETWOR~1\APPLIC~1\byte [3\|mappe(r)] C:\DOCUME~1\NETWOR~1\APPLIC~1\byte ledig ——————————\\ Scheduled Tasks located in C:\WINDOWS\Tasks [23-03-2010 14:41][—ah——-] C:\WINDOWS\tasks\User_Feed_Synchronization-{50A100B3-4891-4015-ABA8-E15CB08BC359}.job [23-03-2010 11:48][—ah——-] C:\WINDOWS\tasks\SA.DAT [15-04-2008 00:00][-r-h——-] C:\WINDOWS\tasks\desktop.ini ——————————\\ Listing Folders in C:\Programmer [18-01-2010\|22:21] C:\Programmer\ACDSee32 [18-01-2010\|22:07] C:\Programmer\Adobe [18-01-2010\|17:13] C:\Programmer\Analog Devices [18-01-2010\|22:52] C:\Programmer\Apple Software Update [03-02-2010\|02:09] C:\Programmer\ArcSoft [18-01-2010\|17:19] C:\Programmer\ATI Technologies [18-01-2010\|23:27] C:\Programmer\AVS4YOU [18-01-2010\|17:21] C:\Programmer\Broadcom [18-01-2010\|16:57] C:\Programmer\ComPlus Applications [19-01-2010\|00:11] C:\Programmer\CyberLink [16-03-2010\|16:09] C:\Programmer\DanID [18-01-2010\|17:05] C:\Programmer\Dell [18-01-2010\|18:39] C:\Programmer\Dell A940 [18-01-2010\|18:39] C:\Programmer\Dell AIO Printer A940 [18-01-2010\|21:39] C:\Programmer\Empty Temp Folders 2.8.3 [23-03-2010\|03:37] C:\Programmer\Eraser [18-01-2010\|19:17] C:\Programmer\ESET [23-01-2010\|23:46] C:\Programmer\FavOrg [26-02-2010\|01:36] C:\Programmer\FileZilla FTP Client [22-03-2010\|18:01] C:\Programmer\F‘lles filer [18-01-2010\|23:51] C:\Programmer\Guitar Pro 5 [03-02-2010\|02:09] C:\Programmer\InstallShield Installation Information [18-01-2010\|17:09] C:\Programmer\Intel [09-02-2010\|13:54] C:\Programmer\Internet Explorer [08-03-2010\|23:09] C:\Programmer\Jasc Software Inc [08-03-2010\|21:40] C:\Programmer\Java [18-01-2010\|23:59] C:\Programmer\jv16 PowerTools 2009 [19-01-2010\|01:17] C:\Programmer\K-Lite Codec Pack [26-01-2010\|02:52] C:\Programmer\Lavalys [21-02-2010\|18:01] C:\Programmer\Maguma [19-01-2010\|00:34] C:\Programmer\Malwarebytes’ Anti-Malware [18-01-2010\|20:08] C:\Programmer\Messenger [18-01-2010\|17:00] C:\Programmer\microsoft frontpage [18-01-2010\|18:37] C:\Programmer\Microsoft Office [18-01-2010\|22:31] C:\Programmer\Microsoft Private Folder 1.0 [26-01-2010\|04:23] C:\Programmer\Microsoft Silverlight [10-03-2010\|22:25] C:\Programmer\Movie Maker [18-01-2010\|20:47] C:\Programmer\MSBuild [28-02-2010\|19:48] C:\Programmer\MSN Games [18-01-2010\|16:57] C:\Programmer\MSN Gaming Zone [18-01-2010\|16:58] C:\Programmer\NetMeeting [19-01-2010\|00:59] C:\Programmer\NOS [18-01-2010\|21:41] C:\Programmer\NoteTab Pro [28-02-2010\|19:48] C:\Programmer\Oberon Media [18-01-2010\|16:59] C:\Programmer\Onlinetjenester [18-01-2010\|20:12] C:\Programmer\Outlook Express [19-01-2010\|00:14] C:\Programmer\Panasonic [18-01-2010\|22:58] C:\Programmer\PolderbitS [18-01-2010\|22:53] C:\Programmer\QuickTime [18-01-2010\|22:47] C:\Programmer\Real [18-01-2010\|20:47] C:\Programmer\Reference Assemblies [20-01-2010\|15:19] C:\Programmer\Roxio [18-01-2010\|21:41] C:\Programmer\Schmaili84 [18-01-2010\|19:33] C:\Programmer\Sunbelt Software [18-01-2010\|21:32] C:\Programmer\SUPERAntiSpyware [17-03-2010\|21:20] C:\Programmer\UltimateZip 2007 [18-01-2010\|17:04] C:\Programmer\Uninstall Information [18-01-2010\|21:04] C:\Programmer\Windows Desktop Search [18-01-2010\|20:43] C:\Programmer\Windows Media Connect 2 [18-01-2010\|20:43] C:\Programmer\Windows Media Player [18-01-2010\|16:57] C:\Programmer\Windows NT [18-01-2010\|16:59] C:\Programmer\WindowsUpdate [18-01-2010\|17:00] C:\Programmer\xerox [0\|fil(er)] C:\Programmer\byte [65\|mappe(r)] C:\Programmer\byte ledig ——————————\\ Listing Folders in C:\Programmer\F‘lles filer [18-01-2010\|22:18] C:\Programmer\F‘lles filer\ACD Systems [18-01-2010\|22:07] C:\Programmer\F‘lles filer\Adobe [18-01-2010\|22:52] C:\Programmer\F‘lles filer\Apple [03-02-2010\|02:10] C:\Programmer\F‘lles filer\ArcSoft [18-01-2010\|23:27] C:\Programmer\F‘lles filer\AVSMedia [18-01-2010\|18:37] C:\Programmer\F‘lles filer\DESIGNER [19-01-2010\|03:27] C:\Programmer\F‘lles filer\Digidesign [19-01-2010\|00:18] C:\Programmer\F‘lles filer\InstallShield [08-03-2010\|23:10] C:\Programmer\F‘lles filer\Jasc Software Inc [08-03-2010\|21:41] C:\Programmer\F‘lles filer\Java [08-02-2010\|22:52] C:\Programmer\F‘lles filer\Microsoft Shared [18-01-2010\|16:58] C:\Programmer\F‘lles filer\MSSoap [18-01-2010\|17:51] C:\Programmer\F‘lles filer\ODBC [19-01-2010\|03:28] C:\Programmer\F‘lles filer\PACE Anti-Piracy [18-01-2010\|22:47] C:\Programmer\F‘lles filer\Real [19-01-2010\|00:19] C:\Programmer\F‘lles filer\Roxio Shared [20-01-2010\|15:17] C:\Programmer\F‘lles filer\Sonic Shared [18-01-2010\|17:51] C:\Programmer\F‘lles filer\SpeechEngines [19-01-2010\|00:19] C:\Programmer\F‘lles filer\SureThing Shared [18-01-2010\|18:37] C:\Programmer\F‘lles filer\System [18-01-2010\|16:58] C:\Programmer\F‘lles filer\Tjenester [08-02-2010\|22:49] C:\Programmer\F‘lles filer\Windows Live [18-01-2010\|21:31] C:\Programmer\F‘lles filer\Wise Installation Wizard [18-01-2010\|22:47] C:\Programmer\F‘lles filer\xing shared [0\|fil(er)] C:\Programmer\F‘lles filer\byte [26\|mappe(r)] C:\Programmer\F‘lles filer\byte ledig ——————————\\ Process ( 43 Processes ) ... OK ! ——————————\\ Searching with S_Lop No Lop folder found ! ——————————\\ Searching for Lop Files - Folders No Lop folder found ! ——————————\\ Searching within the Registry ..... OK ! ——————————\\ Checking the Hosts file Hosts file CLEAN ——————————\\ Searching for hidden files with Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-23 17:00:39 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 ——————————\\ Searching for other infections No other infections found ! [F:4][D:8]-> C:\DOCUME~1\Navn~1\LOKALE~1\Temp [F:24][D:0]-> C:\DOCUME~1\Navn~1\Cookies [F:945][D:4]-> C:\DOCUME~1\Navn~1\LOKALE~1\TEMPOR~1\content.IE5 1 - “C:\Lop SD\LopR_1.txt” - 23-03-2010\|17:02 - Option : [2] ——————————\\ Scan completed at 17:02:12
[ Ignorer ] [ # 7 ] one4me
23.03.2010 19:14:55 Antal indlæg: 262	Så vidt jeg kan se er der ikke fundet noget. Så konklussionen må vel være “mystisk, men harmløst”, går jeg ud fra?
[ Ignorer ] [ # 8 ] Magic Emeritus
24.03.2010 05:24:54 Administrator Supporter Emeritus Antal indlæg: 29177	Ja, fortæl lige hvordan tingene kører nu ?
[ Ignorer ] [ # 9 ] one4me
25.03.2010 02:24:52 Antal indlæg: 262	Der har ikke været andre hændelser end de allerede nævnte.
[ Ignorer ] [ # 10 ] Peder TeamSpywarefri
26.03.2010 10:21:36 Redaktør Team Spywarefri Antal indlæg: 12994	Har du været udsat for problemet efter de scanninger. Kører du med trådløs tastatur eller mus.
[ Ignorer ] [ # 11 ] one4me
27.03.2010 18:33:08 Antal indlæg: 262	Jeg har kun oplevet det nævnte en enkelt gang. Tastatur og mus er ikke trådløs.