CPU 100% meget sløv PC, service.exe belaster
Antal indlæg: 105

Hej,

Inden for den seneste ca 1½ uge er min PC blevet stadig mere sløv og i perioder kan den fryse i op til 1-2 minutter for at køre næsten normalt i alt fra 2 til 15 min. Så sker det igen i mange omgange at den sløves. Samtidig begynder blæseren er køre ret kraftigt, for at pludselig at vende tilbage til normal.

Hvis jeg åbner Windows (XP) jobliste er det tilsyneladende disse tre programmer som bruger mange ressourcer:

service.exe
apdproxy.exe
avp.exe

Når Kaspersky kører rootkit scanning bliver den rigtig langsom.

Håber I kan hjælpe.

Administrator
Avatar
Antal indlæg: 36422

Hej  


service.exe kan være en infektion, så lad os lige se hvad der kører på compputeren ->


Hent og installer Ccleaner: Her
Klik på Download Latest Version

Fjern flueben ved -  Installer Yahoo toolbar

Når du åbner programmet for første gang, vil der være flueben i alle felter.
Hvis du ønsker at bevare cookies, kan du fjerne dette flueben.

Klik på Kør Cleaner, for at få renset din computer.

Du vil nu få en advarsel, om at disse filer slettes fuldstændigt fra dit system, og om du ønsker at fortsætte. Klik på Ok for at svare ja til det. Sæt flueben ved ->  Vis mig ikke denne besked igen.


Genstart.


Hent DDS og gem programmet på dit Skrivebord:
Her
Dobbeltklik på DDS.scr og tillad programmet at køre.
Når programmet er færdig vil det åbne to logs/tekst-filer.
Gem begge filer på dit Skrivebord og kopier indholdet af txt filerne herind i dit næste indlæg.

Da de er forholdsvis lange, kan du blive nødt til at sende dem i flere indlæg.

Før du sender logfilerne, beder vi dig om at fjerne enhvert P2P/fildelings program, hvis du har nogen, og dette inkluderer Torrent software, før vi renser computeren.

Signatur

Download IKKE Programmer fra Disse  suspekte sider

Antal indlæg: 105

DDS (Ver_10-03-17.01) - NTFSx86
Run by Søren at 11:49:16,25 on 03-07-2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Home Edition 5.1.2600.3.1252.45.1030.18.2047.1299 [GMT 2:00]

AV: Kaspersky Internet Security *On-access scanning enabled* (Updated)  {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled*  {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Programmer\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Programmer\Bonjour\mDNSResponder.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Programmer\iolo\common\lib\ioloServiceManager.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
C:\Programmer\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmer\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmer\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\system32\PGPserv.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\PSIService.exe
C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\ssoftsrv.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Programmer\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Programmer\Canon\CAL\CALMAIN.exe
C:\WINDOWS\zHotkey.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\DitExp.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Programmer\Brother\ControlCenter3\brccMCtl.exe
C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Programmer\Microsoft IntelliType Pro\itype.exe
C:\Programmer\Microsoft IntelliPoint\ipoint.exe
C:\Programmer\Brother\Brmfcmon\BrMfcWnd.exe
C:\Programmer\USB Server\Networking USB Server\Networking USB Server.exe
C:\Programmer\Microsoft IntelliPoint\dpupdchk.exe
C:\Programmer\Adobe\Photoshop Elements 6.0\apdproxy.exe
C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
C:\Programmer\TomTom HOME 2\TomTomHOMERunner.exe
C:\Programmer\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Garmin\gStart.exe
C:\Programmer\Brother\Brmfcmon\BrMfimon.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\Windows Media Player\WMPNSCFG.exe
C:\Programmer\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmer\SEC\Natural Color Pro\NCProTray.exe
C:\Programmer\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmer\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Programmer\Fælles filer\Microsoft Shared\Source Engine\OSE.EXE
C:\Documents and Settings\Søren\Skrivebord\INTERNET DOWNLOAD\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;*.local
uSearchURL,(Default) = hxxp://g.msn.dk/0SEDADK/SAOS01?FORM=TOOLBR
BHO: MetaProducts Inquiry Helper: {001165c1-a640-11d7-9fd9-0080481ada61} - c:\programmer\metaproducts inquiry\inquiry.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\programmer\fælles filer\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmer\fælles filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\programmer\kaspersky lab\kaspersky internet security 2010\ievkbd.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\programmer\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programmer\fælles filer\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\programmer\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\programmer\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmer\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\programmer\windows live\toolbar\wltcore.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\programmer\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmer\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MetaProducts Inquiry Bar: {b8238b20-ff2c-11d7-9fd9-0080481ada61} - c:\programmer\metaproducts inquiry\inquiry.dll
TB: &Windows; Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\programmer\windows live\toolbar\wltcore.dll
TB: FireShot: {6e6e744e-4d20-4ce3-9a7a-26dfffe22f68} - c:\programmer\fireshot for ie\fsaddin-0.83.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programmer\google\google toolbar\GoogleToolbar_32.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
EB: MetaProducts &Inquiry;: {579f8165-8aaf-11d7-9fd9-0080481ada61} - c:\programmer\metaproducts inquiry\inquiry.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [TomTomHOME.exe] “c:\programmer\tomtom home 2\TomTomHOMERunner.exe”
uRun: [Sony Ericsson PC Suite] “c:\programmer\sony ericsson\sony ericsson pc suite\SEPCSuite.exe” /systray /nologon
uRun: [gStart] c:\garmin\gStart.exe
uRun: [swg] “c:\programmer\google\googletoolbarnotifier\GoogleToolbarNotifier.exe”
uRun: [WMPNSCFG] c:\programmer\windows media player\WMPNSCFG.exe
mRun: [CHotkey] zHotkey.exe
mRun: [Dit] Dit.exe
mRun: [NvCplDaemon] “RUNDLL32.EXE” c:\windows\system32\NvCpl.dll,NvStartup
mRun: [ControlCenter2.0] c:\programmer\brother\controlcenter2\brctrcen.exe /autorun
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [CoolSwitch] c:\windows\system32\taskswitch.exe
mRun: [nwiz] nwiz.exe /install
mRun: [avp] “c:\programmer\kaspersky lab\kaspersky internet security 2010\avp.exe”
mRun: [itype] “c:\programmer\microsoft intellitype pro\itype.exe”
mRun: [IntelliPoint] “c:\programmer\microsoft intellipoint\ipoint.exe”
mRun: [Adobe ARM] “c:\programmer\fælles filer\adobe\arm\1.0\AdobeARM.exe”
mRun: [HPUsageTracking] “c:\programmer\hewlett-packard\hp ut\bin\hppusg.exe” “c:\programmer\hewlett-packard\hp ut\”
mRun: [ToolBoxFX] “c:\programmer\hewlett-packard\toolboxfx\bin\HPTLBXFX.exe” /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun: [BrMfcWnd] c:\programmer\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] c:\programmer\brother\controlcenter3\brctrcen.exe /autorun
mRun: [Networking USB Server] c:\programmer\usb server\networking usb server\Networking USB Server.exe /h
mRun: [Adobe Photo Downloader] “c:\programmer\adobe\photoshop elements 6.0\apdproxy.exe”
mRun: [HP Software Update] c:\programmer\hewlett-packard\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [SunJavaUpdateSched] “c:\programmer\fælles filer\java\java update\jusched.exe”
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menuen~1\progra~1\start\ncprot~1.lnk - c:\programmer\sec\natural color pro\NCProTray.exe
IE: + Offline &Explorer;: Download the link - file://c:\programmer\offline explorer\Add_UrlO.htm
IE: + Offline E&xplorer;: Download the current page - file://c:\programmer\offline explorer\Add_AllO.htm
IE: E&ksporter; til Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\programmer\canon\easy-webprint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\programmer\canon\easy-webprint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\programmer\canon\easy-webprint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\programmer\canon\easy-webprint\Resource.dll/RC_Print.html
IE: Føj til Anti-Banner - c:\programmer\kaspersky lab\kaspersky internet security 2010\ie_banner_deny.htm
IE: Google Sidewiki… - c:\programmer\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Overfør med Download &Express; - c:\programmer\download express\Add_Url.htm
IE: Save &frame; with MetaProducts Inquiry - c:\programmer\metaproducts inquiry\inquiry.dll/saveframe.htm
IE: Save ℑ with MetaProducts Inquiry - c:\programmer\metaproducts inquiry\inquiry.dll/saveimg.htm
IE: Save &page; with MetaProducts Inquiry - c:\programmer\metaproducts inquiry\inquiry.dll/savepage.htm
IE: Save &selection; with MetaProducts Inquiry - c:\programmer\metaproducts inquiry\inquiry.dll/savesel.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programmer\messenger\msmsgs.exe
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\programmer\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\programmer\windows live\writer\WriterBrowserExtension.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\programmer\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
IE: {49B46060-8AC4-11D7-9FD9-0080481ADA61} - {579F8165-8AAF-11D7-9FD9-0080481ADA61} - c:\programmer\metaproducts inquiry\inquiry.dll
IE: {55AD98FF-3CB9-4718-B28B-E18F932D7FAB} - {6766A865-215F-465A-B266-9CB9C7BA71FA} - c:\programmer\metaproducts inquiry\inquiry.dll
IE: {7FDB9AEE-D04A-440C-8D1D-52B807115C59} - {D1917456-D76D-48DF-9981-B3978EACCD8F} - c:\programmer\metaproducts inquiry\inquiry.dll
IE: {8F36E80B-AD7C-434E-AB92-DA3938EA01E5} - {3680299D-8B37-4F8A-9975-EDD867F10E94} - c:\programmer\metaproducts inquiry\inquiry.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {B98EEB00-A0F2-11D7-9FD9-0080481ADA61} - {F1F3B320-A0F9-11D7-9FD9-0080481ADA61} - c:\programmer\metaproducts inquiry\inquiry.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\programmer\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} - hxxp://downol.dr.dk/download/netradio/Rawflow.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.portalbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - hxxp://support.f-secure.com/ols/fscax.cab
DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} - hxxp://download.microsoft.com/download/7/0/7/707a44ad-52ad-49af-b7ef-e21b6b0656e4/VirtualEarth3D.cab
DPF: {11818680-FCF6-11D0-9808-0800092A4865} - hxxp://www.kps.dk/Codebase/FormCtl.cab
DPF: {1469FF24-47F6-11D2-8805-006008C537E3} - hxxp://www.kps.dk/codebase/ffmail.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {4B48D5DF-9021-45F7-A240-60304302A215} - hxxp://download.microsoft.com/download/b/d/b/bdb4e4ee-63b2-45ff-9d84-33205bf43143/WebCleaner.cab
DPF: {4F2A3649-7A9F-4950-9C31-409FAC6FC7C8} - hxxps://danid.dk/csp/authenticode/csp.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098966515421
DPF: {6CB5E471-C305-11D3-99A8-000086395495} - hxxp://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1122581987296
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} - hxxp://www.kortal.dk/ecwplugins/ncs.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {92EB6641-286A-11D2-A68E-00A0C996A6DD} - hxxp://www.kps.dk/codebase/jfsignature.cab
DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} - hxxps://danid.dk/csp/authenticode/csp.exe
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
DPF: {BE9B2B7C-6680-44E6-9F51-05384AD9C2FF} - hxxp://p1.mywayfinder.com/MapConnect.ocx
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} - hxxp://www.kps.dk/codebase/scriptobject.cab
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://opdatering.tdc.dk/csp/authenticode/tdccsp-0506.exe
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {D3166EE4-3E00-46CA-8F62-8E01D2314A7F} - hxxp://www.cig.canon-europe.com/ph/da_DK/st/download/ddup/CNIMGUP_01_210102E.cab
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} - hxxp://www.kps.dk/codebase/fontinstaller.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\programmer\hp\hpcoretech\comp\hpuiprot.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\fllesf~1\skype\SKYPE4~1.DLL
Name-Space Handler: ftp\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\downlo~1\mdpph.dll
Name-Space Handler: http\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\downlo~1\mdpph.dll
Name-Space Handler: https\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\downlo~1\mdpph.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: PGPmapih.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll,c:\progra~1\kasper~1\kasper~2\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~2\kloehk.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File
LSA: Notification Packages = scecli PGPpwfltDDS (Ver_10-03-17.01) - NTFSx86
Run by Søren at 11:49:16,25 on 03-07-2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Home Edition 5.1.2600.3.1252.45.1030.18.2047.1299 [GMT 2:00]

AV: Kaspersky Internet Security *On-access scanning enabled* (Updated)  {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled*  {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Programmer\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Programmer\Bonjour\mDNSResponder.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Programmer\iolo\common\lib\ioloServiceManager.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
C:\Programmer\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmer\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmer\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\system32\PGPserv.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\PSIService.exe
C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\ssoftsrv.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Programmer\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Programmer\Canon\CAL\CALMAIN.exe
C:\WINDOWS\zHotkey.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\DitExp.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Programmer\Brother\ControlCenter3\brccMCtl.exe
C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Programmer\Microsoft IntelliType Pro\itype.exe
C:\Programmer\Microsoft IntelliPoint\ipoint.exe
C:\Programmer\Brother\Brmfcmon\BrMfcWnd.exe
C:\Programmer\USB Server\Networking USB Server\Networking USB Server.exe
C:\Programmer\Microsoft IntelliPoint\dpupdchk.exe
C:\Programmer\Adobe\Photoshop Elements 6.0\apdproxy.exe
C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
C:\Programmer\TomTom HOME 2\TomTomHOMERunner.exe
C:\Programmer\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Garmin\gStart.exe
C:\Programmer\Brother\Brmfcmon\BrMfimon.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\Windows Media Player\WMPNSCFG.exe
C:\Programmer\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmer\SEC\Natural Color Pro\NCProTray.exe
C:\Programmer\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmer\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Programmer\Fælles filer\Microsoft Shared\Source Engine\OSE.EXE
C:\Documents and Settings\Søren\Skrivebord\INTERNET DOWNLOAD\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;*.local
uSearchURL,(Default) = hxxp://g.msn.dk/0SEDADK/SAOS01?FORM=TOOLBR
BHO: MetaProducts Inquiry Helper: {001165c1-a640-11d7-9fd9-0080481ada61} - c:\programmer\metaproducts inquiry\inquiry.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\programmer\fælles filer\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmer\fælles filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\programmer\kaspersky lab\kaspersky internet security 2010\ievkbd.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\programmer\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programmer\fælles filer\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\programmer\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\programmer\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmer\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\programmer\windows live\toolbar\wltcore.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\programmer\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmer\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MetaProducts Inquiry Bar: {b8238b20-ff2c-11d7-9fd9-0080481ada61} - c:\programmer\metaproducts inquiry\inquiry.dll
TB: &Windows; Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\programmer\windows live\toolbar\wltcore.dll
TB: FireShot: {6e6e744e-4d20-4ce3-9a7a-26dfffe22f68} - c:\programmer\fireshot for ie\fsaddin-0.83.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programmer\google\google toolbar\GoogleToolbar_32.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
EB: MetaProducts &Inquiry;: {579f8165-8aaf-11d7-9fd9-0080481ada61} - c:\programmer\metaproducts inquiry\inquiry.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [TomTomHOME.exe] “c:\programmer\tomtom home 2\TomTomHOMERunner.exe”
uRun: [Sony Ericsson PC Suite] “c:\programmer\sony ericsson\sony ericsson pc suite\SEPCSuite.exe” /systray /nologon
uRun: [gStart] c:\garmin\gStart.exe
uRun: [swg] “c:\programmer\google\googletoolbarnotifier\GoogleToolbarNotifier.exe”
uRun: [WMPNSCFG] c:\programmer\windows media player\WMPNSCFG.exe
mRun: [CHotkey] zHotkey.exe
mRun: [Dit] Dit.exe
mRun: [NvCplDaemon] “RUNDLL32.EXE” c:\windows\system32\NvCpl.dll,NvStartup
mRun: [ControlCenter2.0] c:\programmer\brother\controlcenter2\brctrcen.exe /autorun
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [CoolSwitch] c:\windows\system32\taskswitch.exe
mRun: [nwiz] nwiz.exe /install
mRun: [avp] “c:\programmer\kaspersky lab\kaspersky internet security 2010\avp.exe”
mRun: [itype] “c:\programmer\microsoft intellitype pro\itype.exe”
mRun: [IntelliPoint] “c:\programmer\microsoft intellipoint\ipoint.exe”
mRun: [Adobe ARM] “c:\programmer\fælles filer\adobe\arm\1.0\AdobeARM.exe”
mRun: [HPUsageTracking] “c:\programmer\hewlett-packard\hp ut\bin\hppusg.exe” “c:\programmer\hewlett-packard\hp ut\”
mRun: [ToolBoxFX] “c:\programmer\hewlett-packard\toolboxfx\bin\HPTLBXFX.exe” /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun: [BrMfcWnd] c:\programmer\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] c:\programmer\brother\controlcenter3\brctrcen.exe /autorun
mRun: [Networking USB Server] c:\programmer\usb server\networking usb server\Networking USB Server.exe /h
mRun: [Adobe Photo Downloader] “c:\programmer\adobe\photoshop elements 6.0\apdproxy.exe”
mRun: [HP Software Update] c:\programmer\hewlett-packard\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [SunJavaUpdateSched] “c:\programmer\fælles filer\java\java update\jusched.exe”
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menuen~1\progra~1\start\ncprot~1.lnk - c:\programmer\sec\natural color pro\NCProTray.exe
IE: + Offline &Explorer;: Download the link - file://c:\programmer\offline explorer\Add_UrlO.htm
IE: + Offline E&xplorer;: Download the current page - file://c:\programmer\offline explorer\Add_AllO.htm
IE: E&ksporter; til Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\programmer\canon\easy-webprint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\programmer\canon\easy-webprint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\programmer\canon\easy-webprint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\programmer\canon\easy-webprint\Resource.dll/RC_Print.html
IE: Føj til Anti-Banner - c:\programmer\kaspersky lab\kaspersky internet security 2010\ie_banner_deny.htm
IE: Google Sidewiki… - c:\programmer\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Overfør med Download &Express; - c:\programmer\download express\Add_Url.htm
IE: Save &frame; with MetaProducts Inquiry - c:\programmer\metaproducts inquiry\inquiry.dll/saveframe.htm
IE: Save ℑ with MetaProducts Inquiry - c:\programmer\metaproducts inquiry\inquiry.dll/saveimg.htm
IE: Save &page; with MetaProducts Inquiry - c:\programmer\metaproducts inquiry\inquiry.dll/savepage.htm
IE: Save &selection; with MetaProducts Inquiry - c:\programmer\metaproducts inquiry\inquiry.dll/savesel.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programmer\messenger\msmsgs.exe
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\programmer\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\programmer\windows live\writer\WriterBrowserExtension.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\programmer\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
IE: {49B46060-8AC4-11D7-9FD9-0080481ADA61} - {579F8165-8AAF-11D7-9FD9-0080481ADA61} - c:\programmer\metaproducts inquiry\inquiry.dll
IE: {55AD98FF-3CB9-4718-B28B-E18F932D7FAB} - {6766A865-215F-465A-B266-9CB9C7BA71FA} - c:\programmer\metaproducts inquiry\inquiry.dll
IE: {7FDB9AEE-D04A-440C-8D1D-52B807115C59} - {D1917456-D76D-48DF-9981-B3978EACCD8F} - c:\programmer\metaproducts inquiry\inquiry.dll
IE: {8F36E80B-AD7C-434E-AB92-DA3938EA01E5} - {3680299D-8B37-4F8A-9975-EDD867F10E94} - c:\programmer\metaproducts inquiry\inquiry.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {B98EEB00-A0F2-11D7-9FD9-0080481ADA61} - {F1F3B320-A0F9-11D7-9FD9-0080481ADA61} - c:\programmer\metaproducts inquiry\inquiry.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\programmer\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} - hxxp://downol.dr.dk/download/netradio/Rawflow.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.portalbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - hxxp://support.f-secure.com/ols/fscax.cab
DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} - hxxp://download.microsoft.com/download/7/0/7/707a44ad-52ad-49af-b7ef-e21b6b0656e4/VirtualEarth3D.cab
DPF: {11818680-FCF6-11D0-9808-0800092A4865} - hxxp://www.kps.dk/Codebase/FormCtl.cab
DPF: {1469FF24-47F6-11D2-8805-006008C537E3} - hxxp://www.kps.dk/codebase/ffmail.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {4B48D5DF-9021-45F7-A240-60304302A215} - hxxp://download.microsoft.com/download/b/d/b/bdb4e4ee-63b2-45ff-9d84-33205bf43143/WebCleaner.cab
DPF: {4F2A3649-7A9F-4950-9C31-409FAC6FC7C8} - hxxps://danid.dk/csp/authenticode/csp.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098966515421
DPF: {6CB5E471-C305-11D3-99A8-000086395495} - hxxp://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1122581987296
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} - hxxp://www.kortal.dk/ecwplugins/ncs.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {92EB6641-286A-11D2-A68E-00A0C996A6DD} - hxxp://www.kps.dk/codebase/jfsignature.cab
DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} - hxxps://danid.dk/csp/authenticode/csp.exe
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
DPF: {BE9B2B7C-6680-44E6-9F51-05384AD9C2FF} - hxxp://p1.mywayfinder.com/MapConnect.ocx
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} - hxxp://www.kps.dk/codebase/scriptobject.cab
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://opdatering.tdc.dk/csp/authenticode/tdccsp-0506.exe
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {D3166EE4-3E00-46CA-8F62-8E01D2314A7F} - hxxp://www.cig.canon-europe.com/ph/da_DK/st/download/ddup/CNIMGUP_01_210102E.cab
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} - hxxp://www.kps.dk/codebase/fontinstaller.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\programmer\hp\hpcoretech\comp\hpuiprot.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\fllesf~1\skype\SKYPE4~1.DLL
Name-Space Handler: ftp\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\downlo~1\mdpph.dll
Name-Space Handler: http\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\downlo~1\mdpph.dll
Name-Space Handler: https\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\downlo~1\mdpph.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: PGPmapih.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll,c:\progra~1\kasper~1\kasper~2\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~2\kloehk.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File
LSA: Notification Packages = scecli PGPpwflt


================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\sren~1\applic~1\mozilla\firefox\profiles\7nc1wn7r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.dk/ig?hl=da
FF - component: c:\documents and settings\søren\application data\mozilla\firefox\profiles\7nc1wn7r.default\extensions\{0b457caa-602d-484a-8fe7-c1d894a011ba}\platform\winnt_x86-msvc\components\SSSLauncher.dll
FF - component: c:\documents and settings\søren\application data\mozilla\firefox\profiles\7nc1wn7r.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\søren\application data\mozilla\firefox\profiles\7nc1wn7r.default\extensions\{d249fd00-4df9-11d9-9fdc-0080481ada61}\components\mpint.dll
FF - component: c:\programmer\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\documents and settings\sã¸ren\application data\mozilla\plugins\npPxPlay.dll
FF - plugin: c:\programmer\canon\zoombrowser ex\program\NPCIG.dll
FF - plugin: c:\programmer\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\programmer\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programmer\microsoft\office live\npOLW.dll
FF - plugin: c:\programmer\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\programmer\mozilla firefox\plugins\npicaN.dll
FF - plugin: c:\programmer\mozilla firefox\plugins\npvirtools.dll
FF - plugin: c:\programmer\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\programmer\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\superadblocker.com\npsabffx.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\programmer\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

——FIREFOX POLICIES——
c:\programmer\mozilla firefox\greprefs\all.js - pref(“ui.use_native_colors”, true);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“ui.use_native_popup_windows”, false);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“browser.enable_click_image_resizing”, true);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“accessibility.browsewithcaret_shortcut.enabled”, true);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“javascript.options.mem.high_water_mark”, 32);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“javascript.options.mem.gc_frequency”,  1600);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“network.IDN.whitelist.lu”, true);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“network.IDN.whitelist.nu”, true);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“network.IDN.whitelist.nz”, true);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“network.IDN.whitelist.xn—mgberp4a5d4ar”, true);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“network.IDN.whitelist.xn—p1ai”, true);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“network.IDN.whitelist.xn—mgbayh7gpa”, true);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“network.IDN.whitelist.tel”, true);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“network.auth.force-generic-ntlm”, false);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“network.proxy.type”,            5);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“dom.ipc.plugins.timeoutSecs”, 45);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“svg.smil.enabled”, false);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“ui.trackpoint_hack.enabled”, -1);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“browser.formfill.debug”,        false);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“browser.formfill.agedWeight”,    2);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“browser.formfill.bucketSize”,    1);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“browser.formfill.maxTimeGroupings”, 25);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“browser.formfill.timeGroupingSize”, 604800);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“browser.formfill.boundaryWeight”,  25);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“browser.formfill.prefixWeight”,    5);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“accelerometer.enabled”, true);
c:\programmer\mozilla firefox\greprefs\all.js - pref(“html5.enable”, false);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref(“security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref”, true);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref(“security.ssl.renego_unrestricted_hosts”, “”);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref(“security.ssl.treat_unsafe_negotiation_as_broken”, false);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref(“security.ssl.require_safe_negotiation”,  false);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref(“security.ssl3.rsa_seed_sha”, true);
c:\programmer\mozilla firefox\defaults\pref\firefox-branding.js - pref(“app.update.download.backgroundInterval”, 600);
c:\programmer\mozilla firefox\defaults\pref\firefox-branding.js - pref(“app.update.url.manual”, “http://www.firefox.com”);
c:\programmer\mozilla firefox\defaults\pref\firefox-branding.js - pref(“browser.search.param.yahoo-fr-ja”, “mozff”);
c:\programmer\mozilla firefox\defaults\pref\firefox-l10n.js - pref(“browser.fixup.alternate.suffix”, “.dk”);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name”, “chrome://browser/locale/browser.properties”);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description”, “chrome://browser/locale/browser.properties”);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“xpinstall.whitelist.add”, “addons.mozilla.org”);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“xpinstall.whitelist.add.36”, “getpersonas.com”);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“lightweightThemes.update.enabled”, true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“browser.allTabs.previews”, false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“plugins.hide_infobar_for_outdated_plugin”, false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“plugins.update.notifyUser”, false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“toolbar.customization.usesheet”, false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“dom.ipc.plugins.enabled.nptest.dll”, true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“dom.ipc.plugins.enabled.npswf32.dll”, true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“dom.ipc.plugins.enabled.npctrl.dll”, true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“dom.ipc.plugins.enabled.npqtplugin.dll”, true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“dom.ipc.plugins.enabled”, false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“browser.taskbar.previews.enable”, false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“browser.taskbar.previews.max”, 20);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref(“browser.taskbar.previews.cachetime”, 20);

============= SERVICES / DRIVERS ===============

R0 d346bus;d346bus;c:\windows\system32\drivers\d346bus.sys [2006-1-22 156800]
R0 d346prt;d346prt;c:\windows\system32\drivers\d346prt.sys [2006-1-22 5248]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 36880]
R0 pgpfs;PGP File Sharing;c:\windows\system32\drivers\PGPfsfd.sys [2006-9-27 96256]
R1 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2009-9-1 128016]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-1-2 315408]
R2 AVP;Kaspersky Internet Security;c:\programmer\kaspersky lab\kaspersky internet security 2010\avp.exe [2009-10-20 340456]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-4-24 54752]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\programmer\iolo\common\lib\ioloServiceManager.exe [2007-12-13 566120]
R2 ioloSystemService;iolo System Service;c:\programmer\iolo\common\lib\ioloServiceManager.exe [2007-12-13 566120]
R2 LogWatch;Event Log Watch;c:\programmer\ca\sharedcomponents\ca_lic\LogWatNT.exe [2002-9-20 53248]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\programmer\sony ericsson\sony ericsson pc suite\SupServ.exe [2009-10-24 90112]
R2 ssoftnt4;ssoftnt4;c:\windows\system32\drivers\ssoftnt4.sys [2006-9-21 114944]
R2 TomTomHOMEService;TomTomHOMEService;c:\programmer\tomtom home 2\TomTomHOMEService.exe [2010-5-7 92008]
R3 EST_BusEnum;Network USB Device Bus;c:\windows\system32\drivers\GenBus.sys [2009-5-27 27008]
R3 EST_Server;Network USB Device;c:\windows\system32\drivers\GenHC.sys [2010-4-7 171776]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-4-30 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-10-2 19472]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;c:\windows\system32\drivers\PhTVTune.sys [2004-5-28 24704]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2009-10-24 27632]
S2 gupdate;Tjenesten Google Update (gupdate);c:\programmer\google\update\GoogleUpdate.exe [2010-2-5 135664]
S2 LBeepKE;LBeepKE;c:\windows\system32\drivers\lbeepke.sys—> c:\windows\system32\drivers\LBeepKE.sys [?]
S2 mdrcdb;MD Simple Burner DB Access Service;c:\programmer\sony\md simple burner\mdrcdb.exe [2006-6-2 122880]
S3 azvusb;Virtual USB Hub;c:\windows\system32\drivers\azvusb.sys [2010-6-18 44544]
S3 CA_LIC_CLNT;CA License Client; [x]
S3 CA_LIC_SRVR;CA License Server; [x]
S3 cpuz130;cpuz130;\??\c:\temp\cpuz130\cpuz_x32.sys—> c:\temp\cpuz130\cpuz_x32.sys [?]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\c:\programmer\lavalys\everest home edition\kerneld.wnt—> c:\programmer\lavalys\everest home edition\kerneld.wnt [?]
S3 fsssvc;Windows Live-tjenesten Family Safety;c:\programmer\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2008-12-17 13224]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-6-16 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-6-16 8320]
S3 OEMSTOR;PT Device;c:\windows\system32\drivers\OTest28k.sys [2006-4-21 19642]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2008-11-23 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2008-11-23 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2008-11-23 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2008-11-23 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2008-11-23 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2008-11-23 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2008-11-23 109736]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2009-10-24 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2009-10-24 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2009-10-24 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2009-10-24 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2009-10-24 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2009-10-24 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2009-10-24 109864]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [2008-11-13 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [2008-11-13 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [2008-11-13 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [2008-11-13 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [2008-11-13 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [2008-11-13 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [2008-11-13 110120]
S3 wlags48d;Agere Wireless PCCard Service;c:\windows\system32\drivers\wlags48d.sys [2004-5-28 153088]

============== File Associations ===============

JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1

=============== Created Last 30 ================

2010-07-03 09:49:07   0   d——-w-  c:\temp\85.tmp
2010-07-03 09:22:04   0   d——-w-  c:\temp\WPDNSE
2010-07-02 21:53:04   411368   ——a-w-  c:\windows\system32\deployJava1.dll
2010-07-02 19:43:09   0   d——-w-  c:\temp\HpUpdate
2010-07-02 19:41:17   0   d——-w-  c:\docume~1\sren~1\applic~1\HpUpdate
2010-07-02 19:10:19   0   d——-w-  c:\temp\HPSUDOQU.OCI
2010-07-01 14:52:00   1088   ——a-w-  C:\EBJKeystore.store.backup
2010-06-29 05:11:24   0   d——-w-  c:\temp\VBE
2010-06-26 14:24:13   0   d——-w-  c:\docume~1\alluse~1\applic~1\ZoomBrowser
2010-06-18 13:27:35   44544   ——a-w-  c:\windows\system32\drivers\azvusb.sys
2010-06-18 13:26:17   0   d——-w-  c:\docume~1\alluse~1\applic~1\MD 86097 W-LAN USB Remote Hub
2010-06-16 16:51:40   0   —-ha-w-  c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-06-16 16:51:29   0   —-ha-w-  c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-06-16 16:51:27   0   —-ha-w-  c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-06-16 16:46:59   0   d——-w-  c:\docume~1\alluse~1\applic~1\Nokia
2010-06-16 16:37:44   18816   ——a-w-  c:\windows\system32\drivers\pccsmcfd.sys
2010-06-16 16:37:22   0   d——-w-  c:\programmer\PC Connectivity Solution
2010-06-16 16:36:03   8320   ——a-w-  c:\windows\system32\drivers\nmwcdnsuc.sys
2010-06-16 16:36:01   137344   ——a-w-  c:\windows\system32\drivers\nmwcdnsu.sys
2010-06-16 16:35:57   8192   ——a-w-  c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-06-16 16:35:54   8192   ——a-w-  c:\windows\system32\drivers\usbser_lowerflt.sys
2010-06-16 16:35:53   22528   ——a-w-  c:\windows\system32\drivers\ccdcmbo.sys
2010-06-16 16:35:48   662016   ——a-w-  c:\windows\system32\nmwcdcocls.dll
2010-06-16 16:35:48   18176   ——a-w-  c:\windows\system32\drivers\ccdcmb.sys
2010-06-16 16:35:48   1461992   ——a-w-  c:\windows\system32\wdfcoinstaller01009.dll
2010-06-10 19:36:53   3354   ——a-w-  c:\windows\system32\wbem\Outlook_01cb08d44796c706.mof
2010-06-10 14:46:48   743424   -c——w-  c:\windows\system32\dllcache\iedvtool.dll

==================== Find3M ====================

2010-06-30 18:39:27   511178   ——a-w-  C:\odinback.ZIP
2010-06-23 23:48:01   85386   ——a-w-  c:\windows\system32\perfc006.dat
2010-06-23 23:48:01   461036   ——a-w-  c:\windows\system32\perfh006.dat
2010-06-17 23:01:44   6144   —sha-w-  c:\programmer\Thumbs.db
2010-05-06 10:34:44   916480   ——a-w-  c:\windows\system32\wininet.dll
2010-05-05 07:20:10   97549   ——a-w-  c:\windows\system32\drivers\klick.dat
2010-05-05 07:20:10   113933   ——a-w-  c:\windows\system32\drivers\klin.dat
2010-05-02 08:09:40   1851264   ——a-w-  c:\windows\system32\win32k.sys
2010-04-20 05:31:39   285696   ——a-w-  c:\windows\system32\atmfd.dll
2008-07-17 21:45:49   88   —sh—r-  c:\windows\system32\BABA6EB5B5.sys
2006-08-22 23:52:04   5   —sh—w-  c:\windows\system32\caad9_g.dll
2009-01-25 17:15:41   8   —sh—r-  c:\windows\system32\D4C44A8D89.sys
2009-01-25 17:17:41   3870   —sh—w-  c:\windows\system32\KGyGaAvL.sys
2008-05-08 21:36:41   32768   —sha-w-  c:\windows\system32\config\systemprofile\lokale indstillinger\oversigt\history.ie5\mshist012008050820080509\index.dat
2010-01-04 22:51:26   7386656   —sha-w-  c:\windows\system32\drivers\fidbox.dat
2010-01-04 22:51:26   1458208   —sha-w-  c:\windows\system32\drivers\fidbox2.dat

============= FINISH: 11:52:21,37 ===============

Antal indlæg: 105

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 28-06-2005 19:07:56
System Uptime: 07-03-2010 11:19:45 (2832 hours ago)

Motherboard: MICRO-STAR INTERNATIONAL CO., LTD |  | MS-7010
Processor: AMD Athlon(tm) 64 Processor 3000+ | Socket 754 | 2004/201mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 73 GiB total, 12,52 GiB free.
D: is FIXED (NTFS) - 72 GiB total, 30,676 GiB free.
E: is FIXED (FAT32) - 4 GiB total, 1,828 GiB free.
F: is CDROM ()
G: is CDROM ()
J: is Removable
K: is Removable
L: is Removable
M: is Removable
P: is FIXED (NTFS) - 112 GiB total, 87,118 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Creative AudioPCI (ES1371,ES1373) (WDM)
Device ID: PCI\VEN_1274&DEV;_5880&SUBSYS;_20001274&REV;_02\3&13C0B0C5;&0&28;
Manufacturer: Creative Technology Ltd.
Name: Creative AudioPCI (ES1371,ES1373) (WDM)
PNP Device ID: PCI\VEN_1274&DEV;_5880&SUBSYS;_20001274&REV;_02\3&13C0B0C5;&0&28;
Service: es1371

Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia X3-00
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia X3-00
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd

==== System Restore Points ===================

RP307: 12-06-2010 22:53:22 - Systemkontrolpunkt
RP308: 16-06-2010 18:51:19 - Installed Windows XP Wdf01009.
RP309: 18-06-2010 15:27:33 - Installeret MD 86097 W-LAN USB Remote Hub
RP310: 20-06-2010 22:59:58 - Systemkontrolpunkt
RP311: 24-06-2010 01:05:38 - Installed Adobe Photoshop Elements 6.0.
RP312: 24-06-2010 01:42:09 - Software Distribution Service 3.0
RP313: 25-06-2010 18:11:08 - Systemkontrolpunkt
RP314: 30-06-2010 02:14:09 - Systemkontrolpunkt
RP315: 30-06-2010 06:21:05 - Removed HPSSupply
RP316: 30-06-2010 06:21:57 - Fjernet MD 86097 W-LAN USB Remote Hub
RP317: 30-06-2010 06:26:44 - Removed Ulead COOL 360
RP318: 30-06-2010 06:32:14 - Removed ShareSwitch
RP319: 30-06-2010 06:33:09 - Fjernede Safari
RP320: 02-07-2010 21:41:39 - Removed HP Update
RP321: 02-07-2010 21:47:28 - Installed 32 Bit HP CIO Components Installer
RP322: 02-07-2010 23:51:49 - Installed Java(TM) 6 Update 20

==== Installed Programs ======================


32 Bit HP CIO Components Installer
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat 6.0.1 Standard
Adobe Acrobat and Reader 6.0.3 Update
Adobe Acrobat and Reader 6.0.4 Update
Adobe Acrobat and Reader 6.0.5 Update
Adobe Acrobat and Reader 6.0.6 Update
Adobe AIR
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Media Player
Adobe PageMaker 6.5
Adobe Photoshop Elements 6.0
Adobe Reader 9.3.3 - Dansk
Adobe Reader Chinese Traditional Fonts
Adobe Shockwave Player 11.5
Adobe SVG Viewer 3.0
Alt-Tab Task Switcher Powertoy for Windows XP
Apple Application Support
Apple Software Update
Audacity 1.2.6
Bagudkompatibilitet i Windows Rights Management-klient SP2
Bonjour
Brother BRAdmin Professional 2.81
Brother Driver Deployment Wizard
Brother HL-5280DW
Brother MFL-Pro Suite
Brother MFL-Pro Suite MFC-6490CW
Bulk Rename Utility 2, 3, 5, 0
C-Media 3D Audio
C-Media WDM Audio Driver
CA Licensing
Canon Camera Access Library
Canon Camera Support Core Library
Canon CanoScan Toolbox 4.6
Canon G.726 WMP-Decoder
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon PIXMA iP4000
Canon RAW Codec
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities Digital Photo Professional 3.7
Canon Utilities Easy-PhotoPrint
Canon Utilities Easy-PrintToolBox
Canon Utilities EOS Utility
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities Original Data Security Tools
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
Canon Utilities RemoteCapture DC
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities WFT-E1/E2/E3/E4/E5 Utility
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CCleaner
CD-LabelPrint
CDex extraction audio
ChessBase Light 2007
Citrix Presentation Server Client - Web Only
Citrix XenApp Web Plugin
ClearType Tuning Control Panel Applet
CmdHere Powertoy For Windows XP
Compatibility Pack for the 2007 Office system
ConvertHelper 2.2
Creatix V.9X DSP Data Fax Modem
Cryptainer PE
Defraggler
DesignPro 5
Destinator Console Installation
Digital Signatur
DigitImg
Disc2Phone
DVD Shrink 3.2
DYMO Label Software
Easy-WebPrint
Feed Detector (Windows Live Toolbar)
FireShot for Internet Explorer
Forté Agent
Fremhævelsesvisning (Windows Live Toolbar)
Fritz 5.32
Futuremark SystemInfo
Garmin Training Center
Garmin USB Drivers
Garmin WebUpdater
GdiplusUpgrade
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
HighMAT-udvidelse til Guiden Cd-skrivning til Microsoft Windows XP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Hotfix til Windows Internet Explorer 7 (KB947864)
Hotfix til Windows Media Player 11 (KB939683)
Hotfix til Windows XP (KB942288-v3)
Hotfix til Windows XP (KB952287)
Hotfix til Windows XP (KB961118)
Hotfix til Windows XP (KB970653-v3)
Hotfix til Windows XP (KB976098-v2)
Hotfix til Windows XP (KB979306)
Hotfix til Windows XP (KB981793)
HP Color LaserJet CP1510 Series 4.0
HP Customer Participation Program 9.0
HP Software Update
HP Update
hppFonts
hppManualsCP1510
hppPQVideoCP1510
hppTLBXFXCP1510
hppusgCP1510
hpzTLBXFX
IconLover
Image Resizer Powertoy for Windows XP
Image Web Server IE Plugins 1,7,1,43
Internet Library
iolo technologies’ System Mechanic 7
Java Auto Updater
Java(TM) 6 Update 20
Junk Mail filter update
Kaspersky Internet Security 2010
LightScribe 1.4.136.1
Magnifier Powertoy for Windows XP
Manual CanoScan 4200F
MarketResearch
MD Simple Burner 2.0.05
Media Go
Medion Flash XL
MetaFrame Presentation Server Web Client for Win32
MetaProducts Download Express
MetaProducts Inquiry
MetaProducts Inquiry Standard Edition 1.8 SR3
MetaProducts MetaProducts Offline Explorer
MetaProducts Offline Explorer
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Danish Language Pack
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DAN
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DAN
Microsoft .NET Framework 3.5 Language Pack SP1 - dan
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft IntelliPoint 6.3
Microsoft IntelliType Pro 6.3
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Primary Interop Assemblies
Microsoft Office 2003 Resource Kit
Microsoft Office Access 2003
Microsoft Office FrontPage 2003
Microsoft Office Live Add-in 1.3
Microsoft Office Standard Edition 2003
Microsoft Photo Info
Microsoft Producer for Microsoft Office PowerPoint 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.7
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Windows Journal Viewer
Microsoft Windows XP Video Decoder Checkup Utility
Microsoft XML Parser
MovieEdit Task
Mozilla Firefox (3.6.6)
MSVC80_x86
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Keyboard Driver
Musicmatch® Jukebox
Natural Color Pro
Nero 8
neroxml
Networking USB Server
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia Software Updater
Nokia_Multimedia_Common_Components_2_5
NVIDIA Drivers
OGA Notifier 1.7.0105.35.0
OmniPage Pro 12.0
Opdatering til Windows Internet Explorer 7 (KB976749)
Opdatering til Windows Internet Explorer 8 (KB976662)
Opdatering til Windows Internet Explorer 8 (KB978506)
Opdatering til Windows Internet Explorer 8 (KB980182)
Opdatering til Windows XP (KB951072-v2)
Opdatering til Windows XP (KB951978)
Opdatering til Windows XP (KB955759)
Opdatering til Windows XP (KB955839)
Opdatering til Windows XP (KB961503)
Opdatering til Windows XP (KB967715)
Opdatering til Windows XP (KB968389)
Opdatering til Windows XP (KB971737)
Opdatering til Windows XP (KB973687)
Opdatering til Windows XP (KB973815)
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.4.00
OpenMG Secure Module 4.5.01
OpenMG Secure Module 4.7.00
Overførselsværktøj til Windows Live
PaperPort Image Printer
PC’en
PC Connectivity Solution
PC Inspector File Recovery
PC Inspector smart recovery
PC Suite for Sony Ericsson
PGP Desktop
Photodex Presenter
Photosmart 140,240,7200,7600,7700,7900 Series
PL-2303 USB-to-Serial
PlayStation(R)Network Downloader
PlayStation(R)Store
Pop op-blokering (Windows Live Toolbar)
PrintParade Studio
Product_SF_Min_QFolder
PS140
PSShortcuts
PSUsage
QFolder
QuickTime
RAW Image Task 1.1
RAW Thumbnail Viewer
RegScrubXP 3.25
RemoteCapture Task 1.0.3
ScanSoft PaperPort 11
ScanSoft RealSpeak
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Segoe UI
Shockwave
Sikkerhedskopiering af private mapper i Microsoft Outlook
Sikkerhedskopiering til Windows
Sikkerhedsopdatering for Windows Media Player 9 Series (KB969878)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB928090)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB929969)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB931768)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB933566)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB937143)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB938127)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB939653)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB942615)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB944533)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB950759)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB953838)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB956390)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB958215)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB960714)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB961260)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB963027)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB969897)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB972260)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB974455)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB976325)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB978207)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB971961)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB976325)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB978207)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB981332)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB982381)
Sikkerhedsopdatering til Windows Media Encoder (KB954156)
Sikkerhedsopdatering til Windows Media Encoder (KB979332)
Sikkerhedsopdatering til Windows Media Player (KB911564)
Sikkerhedsopdatering til Windows Media Player (KB952069)
Sikkerhedsopdatering til Windows Media Player (KB954155)
Sikkerhedsopdatering til Windows Media Player (KB968816)
Sikkerhedsopdatering til Windows Media Player (KB973540)
Sikkerhedsopdatering til Windows Media Player (KB978695)
Sikkerhedsopdatering til Windows Media Player 10 (KB911565)
Sikkerhedsopdatering til Windows Media Player 10 (KB917734)
Sikkerhedsopdatering til Windows Media Player 11 (KB936782)
Sikkerhedsopdatering til Windows Media Player 11 (KB954154)
Sikkerhedsopdatering til Windows Media Player 6.4 (KB925398)
Sikkerhedsopdatering til Windows XP (KB923561)
Sikkerhedsopdatering til Windows XP (KB938464)
Sikkerhedsopdatering til Windows XP (KB941569)
Sikkerhedsopdatering til Windows XP (KB946648)
Sikkerhedsopdatering til Windows XP (KB950760)
Sikkerhedsopdatering til Windows XP (KB950762)
Sikkerhedsopdatering til Windows XP (KB950974)
Sikkerhedsopdatering til Windows XP (KB951066)
Sikkerhedsopdatering til Windows XP (KB951376-v2)
Sikkerhedsopdatering til Windows XP (KB951376)
Sikkerhedsopdatering til Windows XP (KB951698)
Sikkerhedsopdatering til Windows XP (KB951748)
Sikkerhedsopdatering til Windows XP (KB952004)
Sikkerhedsopdatering til Windows XP (KB952954)
Sikkerhedsopdatering til Windows XP (KB953839)
Sikkerhedsopdatering til Windows XP (KB954211)
Sikkerhedsopdatering til Windows XP (KB954459)
Sikkerhedsopdatering til Windows XP (KB954600)
Sikkerhedsopdatering til Windows XP (KB955069)
Sikkerhedsopdatering til Windows XP (KB956391)
Sikkerhedsopdatering til Windows XP (KB956572)
Sikkerhedsopdatering til Windows XP (KB956744)
Sikkerhedsopdatering til Windows XP (KB956802)
Sikkerhedsopdatering til Windows XP (KB956803)
Sikkerhedsopdatering til Windows XP (KB956841)
Sikkerhedsopdatering til Windows XP (KB956844)
Sikkerhedsopdatering til Windows XP (KB957095)
Sikkerhedsopdatering til Windows XP (KB957097)
Sikkerhedsopdatering til Windows XP (KB958644)
Sikkerhedsopdatering til Windows XP (KB958687)
Sikkerhedsopdatering til Windows XP (KB958690)
Sikkerhedsopdatering til Windows XP (KB958869)
Sikkerhedsopdatering til Windows XP (KB959426)
Sikkerhedsopdatering til Windows XP (KB960225)
Sikkerhedsopdatering til Windows XP (KB960715)
Sikkerhedsopdatering til Windows XP (KB960803)
Sikkerhedsopdatering til Windows XP (KB960859)
Sikkerhedsopdatering til Windows XP (KB961371)
Sikkerhedsopdatering til Windows XP (KB961373)
Sikkerhedsopdatering til Windows XP (KB961501)
Sikkerhedsopdatering til Windows XP (KB968537)
Sikkerhedsopdatering til Windows XP (KB969059)
Sikkerhedsopdatering til Windows XP (KB969898)
Sikkerhedsopdatering til Windows XP (KB969947)
Sikkerhedsopdatering til Windows XP (KB970238)
Sikkerhedsopdatering til Windows XP (KB970430)
Sikkerhedsopdatering til Windows XP (KB971468)
Sikkerhedsopdatering til Windows XP (KB971486)
Sikkerhedsopdatering til Windows XP (KB971557)
Sikkerhedsopdatering til Windows XP (KB971633)
Sikkerhedsopdatering til Windows XP (KB971657)
Sikkerhedsopdatering til Windows XP (KB971961)
Sikkerhedsopdatering til Windows XP (KB972270)
Sikkerhedsopdatering til Windows XP (KB973346)
Sikkerhedsopdatering til Windows XP (KB973354)
Sikkerhedsopdatering til Windows XP (KB973507)
Sikkerhedsopdatering til Windows XP (KB973525)
Sikkerhedsopdatering til Windows XP (KB973869)
Sikkerhedsopdatering til Windows XP (KB973904)
Sikkerhedsopdatering til Windows XP (KB974112)
Sikkerhedsopdatering til Windows XP (KB974318)
Sikkerhedsopdatering til Windows XP (KB974392)
Sikkerhedsopdatering til Windows XP (KB974571)
Sikkerhedsopdatering til Windows XP (KB975025)
Sikkerhedsopdatering til Windows XP (KB975467)
Sikkerhedsopdatering til Windows XP (KB975560)
Sikkerhedsopdatering til Windows XP (KB975561)
Sikkerhedsopdatering til Windows XP (KB975562)
Sikkerhedsopdatering til Windows XP (KB975713)
Sikkerhedsopdatering til Windows XP (KB977165)
Sikkerhedsopdatering til Windows XP (KB977816)
Sikkerhedsopdatering til Windows XP (KB977914)
Sikkerhedsopdatering til Windows XP (KB978037)
Sikkerhedsopdatering til Windows XP (KB978251)
Sikkerhedsopdatering til Windows XP (KB978262)
Sikkerhedsopdatering til Windows XP (KB978338)
Sikkerhedsopdatering til Windows XP (KB978542)
Sikkerhedsopdatering til Windows XP (KB978601)
Sikkerhedsopdatering til Windows XP (KB978706)
Sikkerhedsopdatering til Windows XP (KB979309)
Sikkerhedsopdatering til Windows XP (KB979482)
Sikkerhedsopdatering til Windows XP (KB979559)
Sikkerhedsopdatering til Windows XP (KB979683)
Sikkerhedsopdatering til Windows XP (KB980195)
Sikkerhedsopdatering til Windows XP (KB980218)
Sikkerhedsopdatering til Windows XP (KB980232)
SonicStage 4.3
Sony Ericsson PC Suite 6.009.00
Sony Ericsson Symbian 9 Drivers
Sound Blaster AUDIOPCI128
Speccy
Spelling Dictionaries Support For Adobe Reader 9
Sprogpakke til Microsoft .NET Framework 3.5 SP1 - dansk
Stone’s KeyKeeper 1.1
Stone’s KopiKontrol 2.1
Stone’s MovieManager 3.3.1
Stone’s WebWriter 4.0.9
SWF Opener
Tilmeldingsassistent til Windows Live
TomTom HOME 2.7.4.1962
TomTom HOME Visual Studio Merge Modules
Tweak UI
Ulead Photo Explorer 8.6
Ulead PhotoImpact 11
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update Service
VCRedistSetup
Vigtig opdatering til Windows Media Player 11 (KB959772)
Virtools 3D Life Player
Virtual Desktop Manager Powertoy for Windows XP
Visual Studio 2005 Tools for Office Second Edition Runtime
Watchtower Library 2001 - Dansk
Watchtower Library 2005 - English Edition
WebFldrs XP
WebReg
Windows-driverpakke - Nokia Modem (06/01/2009 7.01.0.4)
Windows-driverpakke - Nokia Modem (10/05/2009 4.2)
Windows-driverpakke - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Outlook Toolbar (Windows Live Toolbar)
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Writer
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Movie Maker 2.0
Windows Rights Management-klient med Service Pack 2
Windows XP Hotfix - KB834707
Windows XP Service Pack 3
WinRAR arkivering
X10 Hardware(TM)
XML Paper Specification Shared Components Language Pack 1.0

==== End Of File ===========================

Antal indlæg: 105

Mellem min trådstart og ovenstående til log-filer har jeg gjort følgende:

Kørt JavaRa til at fjerne gamle Java-versioner, der var enkelte.
Fjernet programmet WinDVD Recorder
Kørt CCleaner som beskrevet.

Administrator
Avatar
Antal indlæg: 36422

Ok. Men du har nogen mistænkelige filer, så send lige en combolog herind ->


Hent Combofix, og gem den på dit skrivebord, som alg.exe:
ComboFix


Luk alle andre vinduer ned.

Kør så combofix.exe, og følg anvisningerne.

Du må ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.

Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt som ligger her C: Combofix txt

Indholdet af denne fil må du gerne lægge herind

Da de er forholdsvis lange, kan du blive nødt til at sende dem i flere indlæg.

Signatur

Download IKKE Programmer fra Disse  suspekte sider

Antal indlæg: 105

Hej igen,

Jeg ved ikke om eller hvordan det har betydning, men jeg måtte opgive at hente combofix fra denne pc, og gøre det fra en anden.

Under scanning kom en meddelelse om muligt roodkit og pc genstartede.

Efter genstart og mens eller efter nedenstående logfil blev skrevet kom der en Windows fejlmeddelelse om, at programmet “PEV.cfxxe” var blevet lukket pga en fejl.

Efter genstart er problemet det samme. CPU kører fortsat 100% stort set hele tiden og det er samme treprogrammer der tilsyneladende bruger ressourcerne:

service.exe
apdproxy.exe
avp.exe

———————

ComboFix 10-07-01.02 - Søren 03-07-2010 21:27:05.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.45.1030.18.2047.1564 [GMT 2:00]
Kører fra: c:\documents and settings\Søren\Skrivebord\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.

(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\hpe17.dll
C:\Thumbs.db
c:\windows\system32\encapi32.dll
c:\windows\system32\Thumbs.db

.
(((((((((((((((((((((((((((((  Filer skabt fra 2010-06-03 til 2010-07-03 )))))))))))))))))))))))))))))))))))
.

2010-07-03 19:50 . 2010-07-03 19:50   0   ——a-w-  c:\temp\4ndliv6p.dll
2010-07-03 19:50 . 2010-07-03 19:50   0   ——a-w-  c:\temp\c1pmedmz.dll
2010-07-03 19:46 . 2010-07-03 19:46   ————  d——-w-  c:\temp\WPDNSE
2010-07-03 19:45 . 2010-07-03 19:45   53248   ——a-w-  c:\temp\catchme.dll
2010-07-03 09:54 . 2010-07-03 09:54   ————  d——-w-  c:\temp\hsperfdata_Søren
2010-07-03 09:49 . 2010-07-03 19:39   ————  d——-w-  c:\temp\85.tmp
2010-07-02 21:53 . 2010-04-12 15:29   411368   ——a-w-  c:\windows\system32\deployJava1.dll
2010-07-02 19:43 . 2010-07-02 22:47   ————  d——-w-  c:\temp\HpUpdate
2010-07-02 19:10 . 2010-07-03 19:39   ————  d——-w-  c:\temp\HPSUDOQU.OCI
2010-06-29 05:11 . 2010-07-03 19:39   ————  d——-w-  c:\temp\VBE
2010-06-26 14:24 . 2010-06-26 14:24   ————  d——-w-  c:\documents and settings\All Users\Application Data\ZoomBrowser
2010-06-18 13:27 . 2009-08-13 17:27   44544   ——a-w-  c:\windows\system32\drivers\azvusb.sys
2010-06-18 13:26 . 2010-06-18 13:26   ————  d——-w-  c:\documents and settings\All Users\Application Data\MD 86097 W-LAN USB Remote Hub
2010-06-16 16:46 . 2010-06-16 16:46   ————  d——-w-  c:\documents and settings\All Users\Application Data\Nokia
2010-06-16 16:37 . 2008-08-26 08:26   18816   ——a-w-  c:\windows\system32\drivers\pccsmcfd.sys
2010-06-16 16:37 . 2010-06-16 16:37   ————  d——-w-  c:\programmer\PC Connectivity Solution
2010-06-16 16:36 . 2010-02-26 12:21   8320   ——a-w-  c:\windows\system32\drivers\nmwcdnsuc.sys
2010-06-16 16:36 . 2010-02-26 12:21   137344   ——a-w-  c:\windows\system32\drivers\nmwcdnsu.sys
2010-06-16 16:35 . 2010-02-26 12:32   8192   ——a-w-  c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-06-16 16:35 . 2010-02-26 12:32   8192   ——a-w-  c:\windows\system32\drivers\usbser_lowerflt.sys
2010-06-16 16:35 . 2010-02-26 12:32   22528   ——a-w-  c:\windows\system32\drivers\ccdcmbo.sys
2010-06-16 16:35 . 2010-02-26 12:32   662016   ——a-w-  c:\windows\system32\nmwcdcocls.dll
2010-06-16 16:35 . 2010-02-26 12:32   18176   ——a-w-  c:\windows\system32\drivers\ccdcmb.sys
2010-06-16 16:35 . 2010-02-26 12:19   1461992   ——a-w-  c:\windows\system32\wdfcoinstaller01009.dll
2010-06-13 20:35 . 2010-06-13 20:35   ————  d——-w-  c:\temp\nro.log
2010-06-10 14:46 . 2010-05-06 10:34   743424   -c——w-  c:\windows\system32\dllcache\iedvtool.dll

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-03 19:47 . 2009-01-02 00:30   ————  d——-w-  c:\documents and settings\All Users\Application Data\Kaspersky Lab
2010-07-02 22:04 . 2005-06-28 22:52   ————  d——-w-  c:\programmer\InterVideo
2010-07-02 21:54 . 2007-03-06 22:07   ————  d——-w-  c:\programmer\Fælles filer\Java
2010-07-02 21:52 . 2007-03-06 22:07   ————  d——-w-  c:\programmer\Java
2010-07-02 21:22 . 2005-06-29 15:15   ————  d——-w-  c:\programmer\Fælles filer\InterVideo
2010-07-02 19:41 . 2006-04-30 20:13   ————  d——-w-  c:\programmer\Hewlett-Packard
2010-07-02 19:41 . 2006-04-30 20:16   ————  d——-w-  c:\programmer\HP
2010-06-30 22:43 . 2006-06-04 08:55   ————  d——-w-  c:\programmer\RegScrubXP
2010-06-30 18:39 . 2008-06-20 07:53   511178   ——a-w-  C:\odinback.ZIP
2010-06-30 04:30 . 2003-09-18 10:59   ————  d—h—w-  c:\programmer\InstallShield Installation Information
2010-06-28 21:24 . 2006-01-01 20:29   ————  d——-w-  c:\programmer\CCleaner
2010-06-26 14:29 . 2005-07-02 23:01   ————  d——-w-  c:\programmer\Canon
2010-06-23 23:48 . 2003-09-18 08:28   85386   ——a-w-  c:\windows\system32\perfc006.dat
2010-06-23 23:48 . 2003-09-18 08:28   461036   ——a-w-  c:\windows\system32\perfh006.dat
2010-06-23 23:19 . 2003-09-18 10:52   ————  d——-w-  c:\programmer\Fælles filer\Adobe
2010-06-23 21:55 . 2010-06-23 21:55   501936   ——a-w-  c:\documents and settings\All Users\Application Data\Google\Google Toolbar\Update\gtb90.tmp.exe
2010-06-17 23:01 . 2005-09-10 11:33   6144   —sha-w-  c:\programmer\Thumbs.db
2010-06-16 16:51 . 2010-06-16 16:51   0   —-ha-w-  c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-06-16 16:51 . 2010-06-16 16:51   0   —-ha-w-  c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-06-16 16:51 . 2010-06-16 16:51   0   —-ha-w-  c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-06-16 16:34 . 2010-04-30 19:33   ————  d——-w-  c:\programmer\Nokia
2010-06-16 16:33 . 2010-04-30 19:36   ————  d——-w-  c:\programmer\Fælles filer\Nokia
2010-06-16 16:32 . 2010-06-16 16:32   36864   ——a-w-  c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\Sleep.exe
2010-06-16 16:32 . 2010-06-16 16:32   3351812   ——a-w-  c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\msxml6Exec.exe
2010-06-16 16:32 . 2010-06-16 16:32   3203453   ——a-w-  c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\vcredistExec.exe
2010-06-16 16:32 . 2010-04-30 20:14   ————  d——-w-  c:\documents and settings\All Users\Application Data\Installations
2010-06-16 16:31 . 2010-06-16 16:32   35638216   ——a-w-  c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\NokiaSoftwareUpdaterSetup_da.exe
2010-06-15 15:01 . 2010-06-15 15:01   133648   ——a-w-  c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\mmpprtc.dll
2010-06-15 15:01 . 2010-06-15 15:01   133720   ——a-w-  c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\mmpprtc.dll
2010-06-04 23:16 . 2008-01-22 19:42   ————  d——-w-  c:\programmer\Microsoft Silverlight
2010-05-26 20:47 . 2010-03-08 20:58   ————  d——-w-  c:\programmer\FireShot for IE
2010-05-16 20:58 . 2005-06-29 15:08   ————  d——-w-  c:\programmer\Google
2010-05-06 23:47 . 2010-05-06 23:47   ————  d——-w-  c:\programmer\Fælles filer\PCSuite
2010-05-06 23:45 . 2010-05-06 23:45   95232   ——a-w-  c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe
2010-05-06 23:45 . 2010-05-06 23:45   8192   ——a-w-  c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe
2010-05-06 23:45 . 2010-05-06 23:45   61440   ——a-w-  c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-05-06 23:45 . 2010-05-06 23:45   10240   ——a-w-  c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe
2010-05-06 22:59 . 2010-05-06 22:59   12212040   ——a-w-  c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-05-06 22:59 . 2010-05-06 22:59   13930312   ——a-w-  c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-05-06 22:59 . 2010-05-06 22:59   77824   ——a-w-  c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-05-06 22:59 . 2010-05-06 22:59   61440   ——a-w-  c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-05-06 22:59 . 2010-05-06 22:59   58880   ——a-w-  c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-05-06 22:59 . 2010-05-06 22:59   50000   ——a-w-  c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\pcswpc.exe
2010-05-06 22:58 . 2010-05-06 22:58   ————  d——-w-  c:\documents and settings\All Users\Application Data\OviInstallerCache
2010-05-06 10:34 . 2004-02-06 16:07   916480   ——a-w-  c:\windows\system32\wininet.dll
2010-05-05 07:20 . 2009-01-02 00:31   97549   ——a-w-  c:\windows\system32\drivers\klick.dat
2010-05-05 07:20 . 2009-01-02 00:31   113933   ——a-w-  c:\windows\system32\drivers\klin.dat
2010-05-05 07:05 . 2010-05-05 07:05   ————  d——-w-  c:\documents and settings\All Users\Application Data\BVRP Software
2010-05-02 08:09 . 2003-09-18 08:28   1851264   ——a-w-  c:\windows\system32\win32k.sys
2010-04-30 20:56 . 2010-05-06 22:58   98366952   ——a-w-  c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Nokia_Ovi_Suite_webinstaller_ALL.exe
2010-04-30 20:15 . 2010-04-30 20:15   95232   ——a-w-  c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
2010-04-30 20:15 . 2010-04-30 20:15   8192   ——a-w-  c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
2010-04-30 20:15 . 2010-04-30 20:15   61440   ——a-w-  c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-04-30 20:15 . 2010-04-30 20:15   10240   ——a-w-  c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
2010-04-30 20:11 . 2010-05-06 23:45   34510000   ——a-w-  c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_dan_web.exe
2010-04-20 05:31 . 2003-09-18 08:27   285696   ——a-w-  c:\windows\system32\atmfd.dll
2010-04-08 23:22 . 2010-04-06 20:33   50   ——a-w-  c:\windows\system32\bridf08a.dat
2010-04-08 23:01 . 2007-03-23 01:21   0   ——a-w-  c:\windows\brdfxspd.dat
2010-04-06 20:34 . 2007-03-23 01:22   65   ——a-w-  c:\windows\system32\BD7820N.dat
2004-05-19 18:43 . 2007-08-31 19:11   278528   ———w-  c:\programmer\internet explorer\plugins\PanoViewer.dll
2004-05-19 18:43 . 2007-08-31 19:11   143360   ———w-  c:\programmer\internet explorer\plugins\UPjpeg.dll
2008-08-16 16:42 . 2008-08-16 16:42   13112   ———w-  c:\programmer\mozilla firefox\plugins\cgpcfg.dll
2008-08-16 16:42 . 2008-08-16 16:42   70456   ———w-  c:\programmer\mozilla firefox\plugins\CgpCore.dll
2008-08-16 16:42 . 2008-08-16 16:42   91448   ———w-  c:\programmer\mozilla firefox\plugins\confmgr.dll
2008-08-16 16:42 . 2008-08-16 16:42   20800   ———w-  c:\programmer\mozilla firefox\plugins\ctxlogging.dll
2008-08-16 16:43 . 2008-08-16 16:43   206136   ———w-  c:\programmer\mozilla firefox\plugins\ctxmui.dll
2008-08-16 16:42 . 2008-08-16 16:42   31032   ———w-  c:\programmer\mozilla firefox\plugins\icafile.dll
2008-08-16 16:42 . 2008-08-16 16:42   40248   ———w-  c:\programmer\mozilla firefox\plugins\icalogon.dll
2007-11-09 14:10 . 2007-11-09 14:10   34384   ———w-  c:\programmer\mozilla firefox\plugins\logging.dll
2008-05-21 07:41 . 2008-05-21 07:41   479232   ———w-  c:\programmer\mozilla firefox\plugins\msvcm80.dll
2008-05-21 07:41 . 2008-05-21 07:41   548864   ———w-  c:\programmer\mozilla firefox\plugins\msvcp80.dll
2008-05-21 07:41 . 2008-05-21 07:41   626688   ———w-  c:\programmer\mozilla firefox\plugins\msvcr80.dll
2008-06-05 12:58 . 2008-06-05 12:58   648504   ———w-  c:\programmer\mozilla firefox\plugins\sslsdk_b.dll
2008-08-16 16:42 . 2008-08-16 16:42   23864   ———w-  c:\programmer\mozilla firefox\plugins\TcpPServ.dll
2008-07-17 21:45 . 2008-07-05 19:10   88   —sh—r-  c:\windows\system32\BABA6EB5B5.sys
2006-08-22 23:52 . 2006-08-22 23:52   5   —sh—w-  c:\windows\system32\caad9_g.dll
2009-01-25 17:15 . 2009-01-25 17:15   8   —sh—r-  c:\windows\system32\D4C44A8D89.sys
2009-01-25 17:17 . 2008-07-05 19:02   3870   —sh—w-  c:\windows\system32\KGyGaAvL.sys
2010-01-04 22:51 . 2009-01-02 00:30   7386656   —sha-w-  c:\windows\system32\drivers\fidbox.dat
2010-01-04 22:51 . 2009-01-02 00:30   1458208   —sha-w-  c:\windows\system32\drivers\fidbox2.dat
.

———- Sigcheck———-

[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-13 16:40 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [———] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlayHandlerAccessible]
@=”{3DBF5F01-3287-46EB-82CF-45AA5C241162}”
[HKEY_CLASSES_ROOT\CLSID\{3DBF5F01-3287-46EB-82CF-45AA5C241162}]
2006-09-27 06:23   593920   ———w-  c:\windows\system32\PGPfsshl.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“TomTomHOME.exe”=“c:\programmer\TomTom HOME 2\TomTomHOMERunner.exe” [2010-05-07 247144]
“Sony Ericsson PC Suite”=“c:\programmer\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe” [2009-09-24 434176]
“gStart”=“c:\garmin\gStart.exe” [2008-08-13 1891416]
“swg”=“c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2007-04-29 68856]
“WMPNSCFG”=“c:\programmer\Windows Media Player\WMPNSCFG.exe” [2006-11-15 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“CHotkey”=“zHotkey.exe” [2004-05-17 543232]
“Dit”=“Dit.exe” [2002-08-28 73728]
“NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2004-10-29 4620288]
“ControlCenter2.0”=“c:\programmer\Brother\ControlCenter2\brctrcen.exe” [2007-12-21 86016]
“BluetoothAuthenticationAgent”=“bthprops.cpl” [2008-04-14 110592]
“CoolSwitch”=“c:\windows\system32\taskswitch.exe” [2002-03-19 45632]
“nwiz”=“nwiz.exe” [2004-10-29 921600]
“avp”=“c:\programmer\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe” [2009-10-20 340456]
“itype”=“c:\programmer\Microsoft IntelliType Pro\itype.exe” [2009-01-07 1496968]
“IntelliPoint”=“c:\programmer\Microsoft IntelliPoint\ipoint.exe” [2009-01-07 1468296]
“Adobe ARM”=“c:\programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe” [2010-06-09 976832]
“HPUsageTracking”=“c:\programmer\Hewlett-Packard\HP UT\bin\hppusg.exe” [2007-05-08 36864]
“ToolBoxFX”=“c:\programmer\Hewlett-Packard\ToolBoxFX\bin\HPTLBXFX.exe” [2009-02-26 53248]
“BrMfcWnd”=“c:\programmer\Brother\Brmfcmon\BrMfcWnd.exe” [2008-02-19 1089536]
“ControlCenter3”=“c:\programmer\Brother\ControlCenter3\brctrcen.exe” [2007-12-21 86016]
“Networking USB Server”=“c:\programmer\USB Server\Networking USB Server\Networking USB Server.exe” [2009-06-25 2461696]
“Adobe Photo Downloader”=“c:\programmer\Adobe\Photoshop Elements 6.0\apdproxy.exe” [2007-09-10 67488]
“HP Software Update”=“c:\programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe” [2010-06-09 49208]
“SunJavaUpdateSched”=“c:\programmer\Fælles filer\Java\Java Update\jusched.exe” [2010-02-18 248040]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“c:\windows\System32\CTFMON.EXE” [2008-04-14 15360]

c:\documents and settings\All Users\Menuen Start\Programmer\Start\
NCProTray.lnk - c:\programmer\SEC\Natural Color Pro\NCProTray.exe [2009-8-29 49263]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ     autocheck autochk /r \??\o:\0autocheck autochk *\0SsiEfr.e\0SsiEfr.e\0SsiEfr.e\0SsiEfr.e\0autocheck smrgdf c:\documents and settings\Søren\Application Data\iolo\

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages   REG_MULTI_SZ     scecli PGPpwflt

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@=“Driver”

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^Acrobat Assistant.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\Acrobat Assistant.lnk
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^ShareSwitch.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\ShareSwitch.lnk
backup=c:\windows\pss\ShareSwitch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\programmer\Fælles filer\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2007-09-10 22:43   67488   ——a-w-  c:\programmer\Adobe\Photoshop Elements 6.0\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04   35760   ——a-w-  c:\programmer\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreativeMixer]
1999-11-18 05:01   20480   ———w-  c:\programmer\Creative\Audio2K\Program\Ctmix32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
2004-01-14 01:10   409600   ———w-  c:\programmer\Canon\Easy-PrintToolBox\BJPSMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2010-06-09 18:55   49208   ——a-w-  c:\programmer\Hewlett-Packard\HP Software Update\hpwuschd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mRouterConfig]
2006-03-02 10:54   290816   ———w-  c:\programmer\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-12-02 14:29   2221352   ——a-w-  c:\programmer\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-11-06 07:25   570664   ——a-w-  c:\programmer\Fælles filer\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 08:57   1451520   ——a-w-  c:\programmer\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53   421888   ——a-w-  c:\programmer\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSystemAnalyzer]
2008-05-06 15:36   764776   ———w-  c:\programmer\iolo\System Mechanic 7\SMSystemAnalyzer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]
2007-02-05 09:11   476728   ———w-  c:\progra~1\Sony\SONICS~1\SSAAD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-04-29 22:39   68856   ———w-  c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2007-09-03 00:13   185632   ———w-  c:\programmer\Fælles filer\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
“Creative Service for CDROM Access”=2 (0x2)
“AcrSch2Svc”=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
“DisableMonitoring”=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“c:\\WINDOWS\\system32\\fxsclnt.exe”=
“c:\\Programmer\\Microsoft Office\\OFFICE11\\FRONTPG.EXE”=
“c:\\Programmer\\Download Express\\dep.exe”=
“c:\\Programmer\\Messenger\\msmsgs.exe”=
“c:\\Programmer\\Hewlett-Packard\\HP Software Update\\HPWUCli.exe”=
“c:\\WINDOWS\\system32\\mmc.exe”=
“%windir%\\Network Diagnostic\\xpnetdiag.exe”=
“%windir%\\system32\\sessmgr.exe”=
“c:\\Programmer\\Intuwave\\Shared\\mRouterRuntime\\mRouterRuntime.exe”=
“c:\\Programmer\\Sony Ericsson\\Mobile4\\Sync Manager\\DXP SyncML.exe”=
“c:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe”=
“c:\\Programmer\\Windows Live\\Sync\\WindowsLiveSync.exe”=
“c:\\Programmer\\Sony Ericsson\\Update Service\\Update Service.exe”=
“c:\\WINDOWS\\system32\\dpvsetup.exe”=
“c:\\Programmer\\Fælles filer\\Nero\\Nero Web\\SetupX.exe”=
“c:\\Programmer\\Bonjour\\mDNSResponder.exe”=
“c:\\Programmer\\USB Server\\Networking USB Server\\Networking USB Server.exe”=
“c:\\Programmer\\Fælles filer\\Nokia\\Service Layer\\A\\nsl_host_process.exe”=
“c:\\Programmer\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe”=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“54925:UDP”= 54925:UDP:BrotherNetwork Scanner

R0 d346bus;d346bus;c:\windows\system32\drivers\d346bus.sys [22-01-2006 12:01 156800]
R0 d346prt;d346prt;c:\windows\system32\drivers\d346prt.sys [22-01-2006 12:01 5248]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29-01-2008 18:29 36880]
R0 pgpfs;PGP File Sharing;c:\windows\system32\drivers\PGPfsfd.sys [27-09-2006 08:17 96256]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\programmer\iolo\Common\Lib\ioloServiceManager.exe [13-12-2007 20:01 566120]
R2 ioloSystemService;iolo System Service;c:\programmer\iolo\Common\Lib\ioloServiceManager.exe [13-12-2007 20:01 566120]
R2 LogWatch;Event Log Watch;c:\programmer\CA\SharedComponents\CA_LIC\LogWatNT.exe [20-09-2002 19:29 53248]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\programmer\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [24-10-2009 16:59 90112]
R2 ssoftnt4;ssoftnt4;c:\windows\system32\drivers\ssoftnt4.sys [21-09-2006 01:43 114944]
R2 TomTomHOMEService;TomTomHOMEService;c:\programmer\TomTom HOME 2\TomTomHOMEService.exe [07-05-2010 14:36 92008]
R3 EST_BusEnum;Network USB Device Bus;c:\windows\system32\drivers\GenBus.sys [27-05-2009 14:19 27008]
R3 EST_Server;Network USB Device;c:\windows\system32\drivers\GenHC.sys [07-04-2010 23:08 171776]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13-03-2008 19:02 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30-04-2008 17:06 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [02-10-2009 19:39 19472]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;c:\windows\system32\drivers\PhTVTune.sys [28-05-2004 17:33 24704]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [24-10-2009 17:01 27632]
S2 gupdate;Tjenesten Google Update (gupdate);c:\programmer\Google\Update\GoogleUpdate.exe [05-02-2010 00:35 135664]
S2 LBeepKE;LBeepKE;c:\windows\system32\Drivers\LBeepKE.sys—> c:\windows\system32\Drivers\LBeepKE.sys [?]
S2 mdrcdb;MD Simple Burner DB Access Service;c:\programmer\Sony\MD Simple Burner\mdrcdb.exe [02-06-2006 18:51 122880]
S3 azvusb;Virtual USB Hub;c:\windows\system32\drivers\azvusb.sys [18-06-2010 15:27 44544]
S3 CA_LIC_CLNT;CA License Client; [x]
S3 CA_LIC_SRVR;CA License Server; [x]
S3 cpuz130;cpuz130;\??\c:\temp\cpuz130\cpuz_x32.sys—> c:\temp\cpuz130\cpuz_x32.sys [?]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\c:\programmer\Lavalys\EVEREST Home Edition\kerneld.wnt—> c:\programmer\Lavalys\EVEREST Home Edition\kerneld.wnt [?]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [17-12-2008 21:25 13224]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [16-06-2010 18:36 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [16-06-2010 18:36 8320]
S3 OEMSTOR;PT Device;c:\windows\system32\drivers\OTest28k.sys [21-04-2006 15:08 19642]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [23-11-2008 18:06 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [23-11-2008 18:06 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [23-11-2008 18:06 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [23-11-2008 18:07 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [23-11-2008 18:06 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [23-11-2008 18:07 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [23-11-2008 18:07 109736]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [24-10-2009 17:00 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [24-10-2009 17:00 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [24-10-2009 17:00 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [24-10-2009 17:00 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [24-10-2009 17:00 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [24-10-2009 17:00 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [24-10-2009 17:00 109864]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [13-11-2008 13:37 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [13-11-2008 13:38 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [13-11-2008 13:38 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [13-11-2008 13:38 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [13-11-2008 13:38 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [13-11-2008 13:38 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [13-11-2008 13:38 110120]
S3 wlags48d;Agere Wireless PCCard Service;c:\windows\system32\drivers\wlags48d.sys [28-05-2004 18:17 153088]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10-12-2006 20:26 639224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12   REG_MULTI_SZ     Pml Driver HPZ12 Net Driver HPZ12
.
Indhold af mappen ‘Planlagte Opgaver’

2009-12-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmer\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-02-04 22:35]

2010-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-02-04 22:35]

2010-07-03 c:\windows\Tasks\HP Usg Daily.job
- c:\programmer\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\pexpress\hphped05.exe [2004-04-01 14:52]

2010-01-09 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\programmer\Microsoft IntelliPoint\ipoint.exe [2009-01-07 19:46]

2010-01-09 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_exe.job
- c:\programmer\Microsoft IntelliType Pro\itype.exe [2009-01-07 19:23]
.
.
———- Yderligere scanning———-
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;*.local
uSearchURL,(Default) = hxxp://g.msn.dk/0SEDADK/SAOS01?FORM=TOOLBR
IE: + Offline &Explorer;: Download the link - file://c:\programmer\Offline Explorer\Add_UrlO.htm
IE: + Offline E&xplorer;: Download the current page - file://c:\programmer\Offline Explorer\Add_AllO.htm
IE: E&ksporter; til Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Føj til Anti-Banner - c:\programmer\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: Google Sidewiki… - c:\programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Overfør med Download &Express; - c:\programmer\Download Express\Add_Url.htm
IE: Save &frame; with MetaProducts Inquiry - c:\programmer\MetaProducts Inquiry\inquiry.dll/saveframe.htm
IE: Save ℑ with MetaProducts Inquiry - c:\programmer\MetaProducts Inquiry\inquiry.dll/saveimg.htm
IE: Save &page; with MetaProducts Inquiry - c:\programmer\MetaProducts Inquiry\inquiry.dll/savepage.htm
IE: Save &selection; with MetaProducts Inquiry - c:\programmer\MetaProducts Inquiry\inquiry.dll/savesel.htm
IE: {{55AD98FF-3CB9-4718-B28B-E18F932D7FAB} - {6766A865-215F-465A-B266-9CB9C7BA71FA} - c:\programmer\MetaProducts Inquiry\inquiry.dll
IE: {{7FDB9AEE-D04A-440C-8D1D-52B807115C59} - {D1917456-D76D-48DF-9981-B3978EACCD8F} - c:\programmer\MetaProducts Inquiry\inquiry.dll
IE: {{8F36E80B-AD7C-434E-AB92-DA3938EA01E5} - {3680299D-8B37-4F8A-9975-EDD867F10E94} - c:\programmer\MetaProducts Inquiry\inquiry.dll
IE: {{B98EEB00-A0F2-11D7-9FD9-0080481ADA61} - {F1F3B320-A0F9-11D7-9FD9-0080481ADA61} - c:\programmer\MetaProducts Inquiry\inquiry.dll
Name-Space Handler: ftp\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\DOWNLO~1\mdpph.dll
Name-Space Handler: http\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\DOWNLO~1\mdpph.dll
Name-Space Handler: https\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\DOWNLO~1\mdpph.dll
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.portalbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {1469FF24-47F6-11D2-8805-006008C537E3} - hxxp://www.kps.dk/codebase/ffmail.cab
DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
DPF: {92EB6641-286A-11D2-A68E-00A0C996A6DD} - hxxp://www.kps.dk/codebase/jfsignature.cab
DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} - hxxps://danid.dk/csp/authenticode/csp.exe
DPF: {BE9B2B7C-6680-44E6-9F51-05384AD9C2FF} - hxxp://p1.mywayfinder.com/MapConnect.ocx
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://opdatering.tdc.dk/csp/authenticode/tdccsp-0506.exe
DPF: {D3166EE4-3E00-46CA-8F62-8E01D2314A7F} - hxxp://www.cig.canon-europe.com/ph/da_DK/st/download/ddup/CNIMGUP_01_210102E.cab
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab
FF - ProfilePath - c:\documents and settings\Søren\Application Data\Mozilla\Firefox\Profiles\7nc1wn7r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.dk/ig?hl=da
FF - component: c:\documents and settings\Søren\Application Data\Mozilla\Firefox\Profiles\7nc1wn7r.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll
FF - component: c:\documents and settings\Søren\Application Data\Mozilla\Firefox\Profiles\7nc1wn7r.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\Søren\Application Data\Mozilla\Firefox\Profiles\7nc1wn7r.default\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}\components\mpint.dll
FF - component: c:\programmer\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\programmer\Canon\ZoomBrowser EX\Program\NPCIG.dll
FF - plugin: c:\programmer\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programmer\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programmer\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\programmer\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programmer\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\programmer\Mozilla Firefox\plugins\npicaN.dll
FF - plugin: c:\programmer\Mozilla Firefox\plugins\npvirtools.dll
FF - plugin: c:\programmer\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: c:\programmer\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\SuperAdBlocker.com\npsabffx.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

——FIREFOX POLITIKKER——
c:\programmer\Mozilla Firefox\greprefs\all.js - pref(“ui.use_native_colors”, true);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref(“network.IDN.whitelist.lu”, true);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref(“network.IDN.whitelist.nu”, true);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref(“network.IDN.whitelist.nz”, true);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref(“network.IDN.whitelist.xn—mgberp4a5d4ar”, true);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref(“network.IDN.whitelist.xn—p1ai”, true);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref(“network.IDN.whitelist.xn—mgbayh7gpa”, true);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref(“network.IDN.whitelist.tel”, true);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref(“network.auth.force-generic-ntlm”, false);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref(“network.proxy.type”,            5);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref(“dom.ipc.plugins.timeoutSecs”, 45);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref(“svg.smil.enabled”, false);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref(“accelerometer.enabled”, true);
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref(“security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref”, true);
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref(“security.ssl.renego_unrestricted_hosts”, “”);
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref(“security.ssl.treat_unsafe_negotiation_as_broken”, false);
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref(“security.ssl.require_safe_negotiation”,  false);
c:\programmer\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref(“browser.fixup.alternate.suffix”, “.dk”);
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref(“extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name”, “chrome://browser/locale/browser.properties”);
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref(“extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description”, “chrome://browser/locale/browser.properties”);
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref(“plugins.update.notifyUser”, false);
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref(“dom.ipc.plugins.enabled.nptest.dll”, true);
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref(“dom.ipc.plugins.enabled.npswf32.dll”, true);
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref(“dom.ipc.plugins.enabled.npctrl.dll”, true);
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref(“dom.ipc.plugins.enabled.npqtplugin.dll”, true);
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref(“dom.ipc.plugins.enabled”, false);
.
.
———- Fil Associationer———-
.
JSEFile=NOTEPAD.EXE %1
.
- - - - TOMME GENVEJE FJERNET - - - -

ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
SafeBoot-svcWRSSSDK
MSConfigStartUp-Acronis Scheduler2 Service - c:\programmer\Fælles filer\Acronis\Schedule2\schedhlp.exe
MSConfigStartUp-HPPQVideo - c:\programmer\Hewlett-Packard\ScheduledLaunch\HP Color LaserJet CP1510 Series\bin\hppschlnch.exe -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CP1510_Series -f PQOptimizerVideo.xml
MSConfigStartUp-Remote USB Hub - c:\programmer\Medion\MD 86097 W-LAN USB Remote Hub\RemoteUSBHub.exe
MSConfigStartUp-SSBkgdUpdate - c:\programmer\Fælles filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-03 21:45
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iomdisk.sys hal.dll ACPI.sys >>UNKNOWN [0x8A81D2A0]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba11cf28
\Driver\ACPI -> ACPI.sys @ 0xb9f58cb8
\Driver\atapi -> 0x8a81d2a0
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579014
ParseProcedure -> ntkrnlpa.exe @ 0x80577c76
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579014
ParseProcedure -> ntkrnlpa.exe @ 0x80577c76
NDIS: Bluetooth Device (Personal Area Network) #14 -> SendCompleteHandler -> NDIS.sys @ 0xb9d9fbb0
PacketIndicateHandler -> NDIS.sys @ 0xb9d8ea0d
SendHandler -> NDIS.sys @ 0xb9da2b40
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
“ImagePath”=”\??\c:\programmer\Lavalys\EVEREST Home Edition\kerneld.wnt”

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Iomega Activity Disk2]
“ImagePath”=”\”\”“
.
——————————- LÅSTE REGISTRERINGS NØGLER——————————-

[HKEY_USERS\S-1-5-21-2783190167-330807921-3758866332-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
——————————- DLLs startet under kørende Processer——————————-

- - - - - - - > ‘winlogon.exe’(924)
c:\windows\system32\PGPpwflt.dll
c:\windows\system32\PGPwd.dll
c:\windows\system32\PGPsdk.dll
c:\windows\system32\pgpsdkm.dll

- - - - - - - > ‘explorer.exe’(2708)
c:\windows\system32\PGPfsshl.dll
c:\windows\system32\PGPcl.dll
c:\windows\system32\PGPsdk.dll
c:\windows\system32\PGPsdkNL.dll
c:\windows\system32\PGPwd.dll
c:\windows\system32\pgpsdkm.dll
c:\windows\system32\PGPsdkUI.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\LQCUI2.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programmer\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\programmer\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\programmer\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dan.nlr
c:\programmer\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
————————————Andre kørende processer————————————
.
c:\windows\system32\brss01a.exe
c:\programmer\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
c:\programmer\Bonjour\mDNSResponder.exe
c:\progra~1\Iomega\System32\AppServices.exe
c:\programmer\Java\jre6\bin\jqs.exe
c:\programmer\Fælles filer\LightScribe\LSSrvc.exe
c:\programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\programmer\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PGPserv.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\PSIService.exe
c:\programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\ssoftsrv.exe
c:\windows\system32\fxssvc.exe
c:\programmer\Canon\CAL\CALMAIN.exe
c:\windows\zHotkey.exe
c:\windows\Dit.exe
c:\windows\DitExp.exe
c:\windows\system32\rundll32.exe
c:\programmer\Brother\ControlCenter3\brccMCtl.exe
c:\programmer\Microsoft IntelliPoint\dpupdchk.exe
c:\programmer\Brother\Brmfcmon\BrMfimon.exe
c:\programmer\PC Connectivity Solution\ServiceLayer.exe
c:\programmer\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\programmer\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\programmer\PC Connectivity Solution\Transports\NclMSBTSrv.exe
c:\windows\system32\dwwin.exe
.
**************************************************************************
.
Gennemført tid: 2010-07-03 22:00:56 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2010-07-03 20:00

Pre-Kørsel: 13.222.789.120 byte ledig
Post-Kørsel: 13.423.611.904 byte ledig

- - End Of File - - 1170B1D07BB63D5AA5B722506B980EE9

Administrator
Avatar
Antal indlæg: 36422

Åben Notesblok og kopier følgende (tekst med fed skrift) inklusive linket ind - og gem tekst-filen som CFScript samme sted som du har ComboFix:


…………………………………………………………………….

http://www.spywarefri.dk/forum/viewthread/78096/
Killall::
Snapshot::
Collect::
c:\windows\system32\D4C44A8D89.sys
c:\windows\system32\BABA6EB5B5.sys
c:\windows\system32\caad9_g.dll
Folder::
c:\temp
Fcopy::
c:\windows\ServicePackFiles\i386\atapi.sys | c:\windows\system32\drivers\atapi.sys
Filelook::
c:\windows\system32\PGPfsshl.dll
Driver:
CA_LIC_CLNT
CA_LIC_SRVR
cpuz130
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]

………………………………………………………………………..


Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du “giver slip” med musen. Som vist her ->

http://www.fromsej.saknet.dk/billeder/swfcombo.gif


Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.

Når ComboFix er færdig med sin scanning/rensning åbnes en ComboFix log sammen med en lille meddelelses-boks. Rensningen du lige har gennemført har indsamlet nogle filer til videre analyse. Klik nu på OK i meddelelses-boksen for at uploade de indsamlede filer til videre analyse (du skal have forbindelse til internettet for at kunne uploade filerne).


Læg den nye ComboFix log herind. Den kan findes her - C:\combofix Txt

Signatur

Download IKKE Programmer fra Disse  suspekte sider

Antal indlæg: 105

Hej igen,

Et eller andet er gået skævt, eller ikke gået helt som planlagt. Jeg er blevet opmærksom på, at jeg ikke fik kopieret linkadressen med da jeg lavede filen til CompoFix og efter to genstart var der hverken log.fil eller skærmbox som ved første kørsel.

Jeg har vedhæftet et skærmbillede af c-roden, og i stedet for den omtalte combofix-log er der nu en mappe der hedder combofix med samme icon som mappen “Denne computer”. Og denne mappe gentager sig selv, tilsyneladende i det uendelige.

Det skal også nævnes at jeg umiddelbart efter genstart ikke kunne komme på flere af de internetsider jeg har i menu, men efter en ny genstart kunne jeg komme ind på disse, inkl. spywarefri.dk.

I denne omgang efter genstart har pc’en kørt ca 5 min med lavt cpu-forbrug, men nu er de samme tre filer oppe igen med 100% forbrug og belaster pc’en.

Håber I kan gennemskue hvad det er jeg har gjort galt og kan få mig tilbage på ret køl igen. wink

Vedhæftede billeder
C-rod-combofix.jpg
Klik miniature for at se billede i fuld størrelse
Administrator
Avatar
Antal indlæg: 36422

Prøv lige at afinstaller combofix med tilhørende mapper, for at se om det retter op på tingene ->


Start - kør, skriv/kopier: combofix /uninstall


Når den er færdig med det, så genstart computeren, og fortæl om mapperne ser normale ud nu ?

Signatur

Download IKKE Programmer fra Disse  suspekte sider

Antal indlæg: 105

Så er jeg på banen igen.

Afinstallation af ComboFix gik hurtigt og smertefri. Alt ser umiddelbart ud som før. Den ene ændring jeg hæfter mig ved er, at ledig plads på C-drev er forøget fra 12,3GB til 14,2GB

mvh

Administrator
Avatar
Antal indlæg: 36422

ledig plads på C-drev er forøget fra 12,3GB til 14,2GB

 

Det er da ikke så dårligt     grin

 

Hvordan kører tingene ellers ?

Signatur

Download IKKE Programmer fra Disse  suspekte sider

Antal indlæg: 105

Når jeg starter PC er problemet uforandret - men, hvis jeg efter opstart åbner åbner Windows jobliste og afbryder programmer Apdproxy.exe vender windows og cpu-forbruget næsten tilbage til normalt - dog virker det som om PC’en virker lidt langsom ved opstart/indlæsning af programmer, men det kan meget vel være min subjektive oplevelse.

Så noget kunne tyde på, at der er et problem med Apdproxy.exe eller at der sker noget når det kører, hvad det så end kan være.

Administrator
Avatar
Antal indlæg: 55713

Prøv at deaktivere Apdproxy.exe i MsConfig:
http://spywareinfo.dk/index.htm#/tip-og-tricks/msconfig.htm

Signatur

qui potest, obligatur

Nierne bomaye - You’ll never walk alone

Kaffen er drukket
Kassen er lukket
Støtten gør mere nytte
Hos de små og forknytte
Børns vilkår
Hospitalsklovne

Antal indlæg: 105

Umiddelbart lader det til at virke nu - der kommer stadig nogle periodiske 100%‘s belastninger af cpu’en men intet at sammenligne med tidligere.

Administrator
Avatar
Antal indlæg: 36422

Umiddelbart lader det til at virke nu - der kommer stadig nogle periodiske 100%‘s belastninger af cpu’en men intet at sammenligne med tidligere.

 

Lyder godt     grin


Du har også temmelig meget til at starte op, så jeg vil foreslå at du deaktiverer alt (undtagen sikkerhedsprogrammerne) fra msconfig.


Genstarter, og hvis du efterfølgende får nogen fejl, aktiverer du bare det/de programmer igen.

Signatur

Download IKKE Programmer fra Disse  suspekte sider