Notifikationer

Markér alle som læst Log ud

karstenjunior Nybegynder

12. august 2006 - 17:21 Der er 14 kommentarer og
1 løsning

virus på min pc

Jeg har fået nogle vira på min pc.
Jeg er blevet anbefalet at køre nogle antivirusprogrammer,
SAS, og dr. web.

Er der nogle, der vil checke mine logs

Dr.Web(R) Scanner for Windows v4.33.2 (4.33.2.06080)
Copyright (c) Igor Daniloff, 1992-2006
Log generated on: 2006-08-12, 09:42:55 [Karsten Mortensen]
Command-line: "C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cureit.exe" /lng /ini:cureit_XP.ini
Operating system:Windows XP Home Edition x86 (Build 2600), Service Pack 2
=============================================================================
Engine version: 4.33 (4.33.4.07270)
Engine API version: 2.01
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crwtoday.cdb - 1017 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43347.cdb - 707 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43346.cdb - 1429 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43345.cdb - 1358 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43344.cdb - 694 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43343.cdb - 1186 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43342.cdb - 744 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43341.cdb - 841 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43340.cdb - 822 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43339.cdb - 1071 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43338.cdb - 989 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43337.cdb - 855 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43336.cdb - 1297 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43335.cdb - 1195 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43334.cdb - 900 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43333.cdb - 1381 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43332.cdb - 1340 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43331.cdb - 2735 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43330.cdb - 2078 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43329.cdb - 2490 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43328.cdb - 743 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43327.cdb - 958 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43326.cdb - 793 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43325.cdb - 713 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43324.cdb - 655 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43323.cdb - 655 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43322.cdb - 778 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43321.cdb - 846 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43320.cdb - 808 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43319.cdb - 764 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43318.cdb - 838 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43317.cdb - 363 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43316.cdb - 730 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43315.cdb - 627 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43314.cdb - 824 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43313.cdb - 842 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43312.cdb - 830 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43311.cdb - 862 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43310.cdb - 853 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43309.cdb - 733 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43308.cdb - 708 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43307.cdb - 839 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43306.cdb - 930 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43305.cdb - 759 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43304.cdb - 721 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43303.cdb - 638 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43302.cdb - 806 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43301.cdb - 504 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43300.cdb - 24 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crwebase.cdb - 78674 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cwrtoday.cdb - 211 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cwr43301.cdb - 697 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crwrisky.cdb - 1271 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cwntoday.cdb - 722 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cwn43303.cdb - 766 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cwn43302.cdb - 850 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cwn43301.cdb - 773 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crwnasty.cdb - 4867 virus records
Total virus records: 135104
Key file: C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cureit.key
License key number: 0000000010
Registered to: Dr.Web CureIt Project
License key activates: 2005-03-05
License key expires: 2007-03-05

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 0
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 0 Kb/s
Scan time: 00:00:00
-----------------------------------------------------------------------------

[Scan path] C:\WINDOWS\System32\smss.exe
[Scan path] C:\WINDOWS\system32\csrss.exe
[Scan path] C:\WINDOWS\system32\winlogon.exe
[Scan path] C:\WINDOWS\system32\services.exe
[Scan path] C:\WINDOWS\system32\lsass.exe
[Scan path] C:\WINDOWS\system32\svchost.exe
[Scan path] C:\WINDOWS\Explorer.EXE
[Scan path] C:\drweb-cureit.exe
[Scan path] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\_start.exe
[Scan path] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cureit.exe
[Scan path] C:\WINDOWS\SOUNDMAN.EXE
[Scan path] c:\progra~1\grisoft\avgfre~1\avgcc.exe
[Scan path] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
[Scan path] C:\Programmer\Support.com\bin\tgcmd.exe
C:\Programmer\Support.com\bin\tgcmd.exe probably infected with DLOADER.Trojan

[Scan path] C:\WINDOWS\Logi_MwX.Exe
[Scan path] C:\Programmer\D-Tools\daemon.exe
[Scan path] C:\Programmer\Ahead\InCD\InCD.exe
[Scan path] C:\WINDOWS\system32\NeroCheck.exe
[Scan path] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
[Scan path] c:\windows\p_981116.exe
[Scan path] C:\Programmer\iTunes\iTunesHelper.exe
[Scan path] C:\Programmer\QuickTime\qttask.exe
[Scan path] c:\windows\system32\dumprep.exe
[Scan path] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
[Scan path] C:\Programmer\AOL\Active Security Monitor\ASMonitor.exe
[Scan path] c:\programmer\canon\easy-printtoolbox\bjpsmain.exe
[Scan path] C:\WINDOWS\system32\ctfmon.exe
[Scan path] C:\Programmer\Messenger\msmsgs.exe
[Scan path] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
[Scan path] c:\progra~1\grisoft\avgfre~1\avgw.exe
[Scan path] C:\Documents and Settings\Karsten Mortensen\Menuen Start\Programmer\Start\desktop.ini
[Scan path] C:\Programmer\Microsoft Office\Office\OSA9.EXE
[Scan path] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
[Scan path] C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
[Scan path] C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
[Scan path] C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[Scan path] C:\WINDOWS\system32\mmsys.cpl
[Scan path] C:\WINDOWS\system32\icmui.dll
[Scan path] C:\WINDOWS\system32\rshx32.dll
[Scan path] C:\WINDOWS\system32\docprop.dll
[Scan path] C:\WINDOWS\system32\ntshrui.dll
[Scan path] C:\WINDOWS\system32\themeui.dll
[Scan path] C:\WINDOWS\system32\deskadp.dll
[Scan path] C:\WINDOWS\system32\deskmon.dll
[Scan path] C:\WINDOWS\system32\dssec.dll
[Scan path] C:\WINDOWS\system32\SlayerXP.dll
[Scan path] C:\WINDOWS\system32\shscrap.dll
[Scan path] C:\WINDOWS\system32\diskcopy.dll
[Scan path] C:\WINDOWS\system32\ntlanui2.dll
[Scan path] C:\WINDOWS\system32\printui.dll
[Scan path] C:\WINDOWS\system32\dskquoui.dll
[Scan path] C:\WINDOWS\system32\syncui.dll
[Scan path] C:\WINDOWS\system32\hticons.dll
[Scan path] C:\WINDOWS\system32\fontext.dll
[Scan path] C:\WINDOWS\system32\deskperf.dll
[Scan path] C:\WINDOWS\system32\cryptext.dll
[Scan path] C:\WINDOWS\system32\NETSHELL.dll
[Scan path] C:\WINDOWS\system32\wiashext.dll
[Scan path] C:\WINDOWS\system32\remotepg.dll
[Scan path] C:\WINDOWS\system32\wshext.dll
[Scan path] C:\Programmer\Fælles filer\System\Ole DB\oledb32.dll
[Scan path] C:\WINDOWS\system32\mstask.dll
[Scan path] C:\WINDOWS\system32\shdocvw.dll
[Scan path] C:\WINDOWS\system32\wuaucpl.cpl
[Scan path] C:\WINDOWS\system32\twext.dll
[Scan path] C:\WINDOWS\system32\shmedia.dll
[Scan path] C:\WINDOWS\system32\browseui.dll
[Scan path] C:\WINDOWS\system32\sendmail.dll
[Scan path] C:\WINDOWS\system32\occache.dll
[Scan path] C:\WINDOWS\system32\webcheck.dll
[Scan path] C:\WINDOWS\system32\appwiz.cpl
[Scan path] C:\WINDOWS\system32\shimgvw.dll
[Scan path] C:\WINDOWS\system32\netplwiz.dll
[Scan path] C:\WINDOWS\system32\zipfldr.dll
[Scan path] C:\WINDOWS\system32\cdfview.dll
[Scan path] C:\WINDOWS\system32\extmgr.dll
[Scan path] C:\WINDOWS\system32\msieftp.dll
[Scan path] C:\WINDOWS\system32\docprop2.dll
[Scan path] C:\WINDOWS\system32\dsquery.dll
[Scan path] C:\WINDOWS\system32\dsuiext.dll
[Scan path] C:\WINDOWS\system32\mydocs.dll
[Scan path] C:\WINDOWS\System32\cscui.dll
[Scan path] C:\WINDOWS\msagent\agentpsh.dll
[Scan path] C:\WINDOWS\system32\dfsshlex.dll
[Scan path] C:\WINDOWS\system32\photowiz.dll
[Scan path] C:\WINDOWS\System32\mmcshext.dll
[Scan path] C:\WINDOWS\system32\cabview.dll
[Scan path] C:\Programmer\Outlook Express\wabfind.dll
[Scan path] C:\WINDOWS\system32\wmpshell.dll
[Scan path] C:\Programmer\Grisoft\AVG Free\avgse.dll
[Scan path] C:\WINDOWS\system32\Audiodev.dll
[Scan path] C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL
[Scan path] C:\WINDOWS\system32\mscoree.dll
[Scan path] C:\Programmer\Ahead\InCD\incdshx.dll
[Scan path] C:\Programmer\iTunes\iTunesMiniPlayer.dll
[Scan path] C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
[Scan path] C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
[Scan path] C:\WINDOWS\system32\SHELL32.dll
[Scan path] C:\WINDOWS\system32\stobject.dll
[Scan path] C:\WINDOWS\system32\Ati2evxx.dll
[Scan path] C:\WINDOWS\system32\crypt32.dll
[Scan path] C:\WINDOWS\system32\cryptnet.dll
[Scan path] C:\WINDOWS\system32\cscdll.dll
[Scan path] C:\Programmer\SUPERAntiSpyware\SASWINLO.DLL
[Scan path] C:\WINDOWS\system32\wlnotify.dll
[Scan path] C:\WINDOWS\system32\sclgntfy.dll
[Scan path] C:\WINDOWS\system32\WgaLogon.dll
[Scan path] C:\WINDOWS\system32\DRIVERS\ACPI.sys
[Scan path] C:\WINDOWS\system32\drivers\aec.sys
[Scan path] C:\WINDOWS\System32\drivers\afd.sys
[Scan path] C:\WINDOWS\system32\drivers\ALCXSENS.SYS
[Scan path] C:\WINDOWS\system32\drivers\ALCXWDM.SYS
[Scan path] c:\windows\system32\svchost.exe
[Scan path] C:\WINDOWS\System32\alg.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\amdk7.sys
[Scan path] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\asyncmac.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\atapi.sys
[Scan path] C:\WINDOWS\system32\Ati2evxx.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\atmarpc.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\audstub.sys
[Scan path] C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
[Scan path] C:\WINDOWS\System32\Drivers\avg7core.sys
[Scan path] C:\WINDOWS\System32\Drivers\avg7rsw.sys
[Scan path] C:\WINDOWS\System32\Drivers\avg7rsxp.sys
[Scan path] C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
[Scan path] C:\WINDOWS\System32\Drivers\avgtdi.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\cdrom.sys
[Scan path] C:\WINDOWS\system32\cisvc.exe
[Scan path] C:\WINDOWS\system32\clipsrv.exe
[Scan path] c:\windows\system32\dllhost.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\d347bus.sys
[Scan path] C:\WINDOWS\System32\Drivers\d347prt.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\disk.sys
[Scan path] c:\windows\system32\dmadmin.exe
[Scan path] C:\WINDOWS\System32\drivers\dmboot.sys
[Scan path] C:\WINDOWS\System32\drivers\dmio.sys
[Scan path] C:\WINDOWS\System32\drivers\dmload.sys
[Scan path] C:\WINDOWS\system32\drivers\DMusic.sys
[Scan path] C:\WINDOWS\system32\drivers\drmkaud.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\fdc.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\flpydisk.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\fltMgr.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ftdisk.sys
[Scan path] C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\msgpc.sys
[Scan path] C:\WINDOWS\System32\Drivers\HTTP.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\i8042prt.sys
[Scan path] C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\imapi.sys
[Scan path] C:\WINDOWS\system32\imapi.exe
[Scan path] C:\WINDOWS\System32\DRIVERS\InCDPass.sys
[Scan path] C:\Programmer\Ahead\InCD\InCDsrv.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ipinip.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ipnat.sys
[Scan path] C:\Programmer\iPod\bin\iPodService.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\ipsec.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\irenum.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\isapnp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\kbdclass.sys
[Scan path] C:\WINDOWS\system32\drivers\kmixer.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys
[Scan path] C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys
[Scan path] C:\WINDOWS\System32\Drivers\LHidUsb.Sys
[Scan path] C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys
[Scan path] C:\WINDOWS\system32\drivers\MTictwl.sys
[Scan path] C:\WINDOWS\system32\mnmsrvc.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\mouclass.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\mouhid.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\mrxdav.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
[Scan path] C:\WINDOWS\system32\msdtc.exe
[Scan path] c:\windows\system32\msiexec.exe
[Scan path] C:\WINDOWS\system32\drivers\MSKSSRV.sys
[Scan path] C:\WINDOWS\system32\drivers\MSPCLOCK.sys
[Scan path] C:\WINDOWS\system32\drivers\MSPQM.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\mssmbios.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ndistapi.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ndisuio.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ndiswan.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\netbios.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\netbt.sys
[Scan path] C:\WINDOWS\system32\netdde.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\parport.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\pci.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\raspptp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\psched.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ptilink.sys
[Scan path] C:\WINDOWS\System32\Drivers\PxHelp20.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\rasacd.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\raspppoe.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\raspti.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\rdbss.sys
[Scan path] C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
[Scan path] C:\WINDOWS\system32\sessmgr.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\redbook.sys
[Scan path] C:\WINDOWS\system32\locator.exe
[Scan path] C:\WINDOWS\system32\rsvp.exe
[Scan path] C:\Programmer\SUPERAntiSpyware\SASDIFSV.SYS
[Scan path] C:\Programmer\SUPERAntiSpyware\SASENUM.SYS
[Scan path] C:\Programmer\SUPERAntiSpyware\SASKUTIL.sys
[Scan path] C:\WINDOWS\System32\SCardSvr.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\secdrv.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\serenum.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\serial.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\sisgrp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\siside.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\srvkp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\sisnic.sys
[Scan path] C:\WINDOWS\system32\drivers\splitter.sys
[Scan path] C:\WINDOWS\system32\spoolsv.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\sr.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\srv.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\swenum.sys
[Scan path] C:\WINDOWS\system32\drivers\swmidi.sys
[Scan path] C:\WINDOWS\system32\drivers\sysaudio.sys
[Scan path] C:\WINDOWS\system32\smlogsvc.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\tcpip.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\termdd.sys
[Scan path] C:\WINDOWS\system32\wdfmgr.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\update.sys
[Scan path] C:\WINDOWS\System32\ups.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\usbehci.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\usbhub.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\usbohci.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\usbprint.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\usbscan.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
[Scan path] C:\WINDOWS\System32\drivers\vga.sys
[Scan path] C:\WINDOWS\System32\vssvc.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\wanarp.sys
[Scan path] C:\WINDOWS\system32\drivers\wdmaud.sys
[Scan path] C:\WINDOWS\system32\wbem\wmiapsrv.exe
[Scan path] C:\WINDOWS\system32\ntsd.exe
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 246
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 1
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 1643 Kb/s
Scan time: 00:00:35
-----------------------------------------------------------------------------

[Scan path] C:\
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 4
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 2 Kb/s
Scan time: 00:00:00
-----------------------------------------------------------------------------

[Scan path] C:\
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 4
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 2 Kb/s
Scan time: 00:00:00
-----------------------------------------------------------------------------

[Scan path] C:\
[Scan path] E:\
[Scan path] I:\
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 722
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 20058 Kb/s
Scan time: 00:00:27
-----------------------------------------------------------------------------

C:\Programmer\Support.com\bin\tgcmd.exe - moved

[Scan path] C:\
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 4
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 2 Kb/s
Scan time: 00:00:00
-----------------------------------------------------------------------------

=============================================================================
Total session statistics
=============================================================================
Objects scanned: 980
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 1
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 1
Objects ignored: 0
Scan speed: 9663 Kb/s
Scan time: 00:01:02
=============================================================================

=============================================================================
Dr.Web(R) Scanner for Windows v4.33.2 (4.33.2.06080)
Copyright (c) Igor Daniloff, 1992-2006
Log generated on: 2006-08-12, 10:08:55 [Karsten Mortensen]
Command-line: "C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cureit.exe" /lng /ini:cureit_XP.ini
Operating system:Windows XP Home Edition x86 (Build 2600), Service Pack 2
=============================================================================
Engine version: 4.33 (4.33.4.07270)
Engine API version: 2.01
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crwtoday.cdb - 1017 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43347.cdb - 707 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43346.cdb - 1429 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43345.cdb - 1358 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43344.cdb - 694 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43343.cdb - 1186 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43342.cdb - 744 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43341.cdb - 841 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43340.cdb - 822 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43339.cdb - 1071 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43338.cdb - 989 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43337.cdb - 855 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43336.cdb - 1297 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43335.cdb - 1195 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43334.cdb - 900 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43333.cdb - 1381 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43332.cdb - 1340 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43331.cdb - 2735 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43330.cdb - 2078 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43329.cdb - 2490 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43328.cdb - 743 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43327.cdb - 958 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43326.cdb - 793 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43325.cdb - 713 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43324.cdb - 655 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43323.cdb - 655 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43322.cdb - 778 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43321.cdb - 846 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43320.cdb - 808 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43319.cdb - 764 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43318.cdb - 838 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43317.cdb - 363 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43316.cdb - 730 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43315.cdb - 627 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43314.cdb - 824 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43313.cdb - 842 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43312.cdb - 830 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43311.cdb - 862 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43310.cdb - 853 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43309.cdb - 733 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43308.cdb - 708 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43307.cdb - 839 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43306.cdb - 930 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43305.cdb - 759 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43304.cdb - 721 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43303.cdb - 638 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43302.cdb - 806 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43301.cdb - 504 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crw43300.cdb - 24 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crwebase.cdb - 78674 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cwrtoday.cdb - 211 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cwr43301.cdb - 697 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crwrisky.cdb - 1271 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cwntoday.cdb - 722 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cwn43303.cdb - 766 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cwn43302.cdb - 850 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cwn43301.cdb - 773 virus records
[Virus base] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\crwnasty.cdb - 4867 virus records
Total virus records: 135104
Key file: C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cureit.key
License key number: 0000000010
Registered to: Dr.Web CureIt Project
License key activates: 2005-03-05
License key expires: 2007-03-05

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 0
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 0 Kb/s
Scan time: 00:00:00
-----------------------------------------------------------------------------

[Scan path] C:\WINDOWS\system32\smss.exe
[Scan path] C:\WINDOWS\system32\csrss.exe
[Scan path] C:\WINDOWS\system32\winlogon.exe
[Scan path] C:\WINDOWS\system32\services.exe
[Scan path] C:\WINDOWS\system32\lsass.exe
[Scan path] C:\WINDOWS\system32\svchost.exe
[Scan path] C:\WINDOWS\Explorer.EXE
[Scan path] C:\drweb-cureit.exe
[Scan path] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\_start.exe
[Scan path] C:\DOCUME~1\KARSTE~1\LOKALE~1\Temp\RarSFX3\cureit.exe
[Scan path] C:\WINDOWS\SOUNDMAN.EXE
[Scan path] c:\progra~1\grisoft\avgfre~1\avgcc.exe
[Scan path] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
[Scan path] C:\WINDOWS\Logi_MwX.Exe
[Scan path] C:\Programmer\D-Tools\daemon.exe
[Scan path] C:\Programmer\Ahead\InCD\InCD.exe
[Scan path] C:\WINDOWS\system32\NeroCheck.exe
[Scan path] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
[Scan path] c:\windows\p_981116.exe
[Scan path] C:\Programmer\iTunes\iTunesHelper.exe
[Scan path] C:\Programmer\QuickTime\qttask.exe
[Scan path] c:\windows\system32\dumprep.exe
[Scan path] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
[Scan path] C:\Programmer\AOL\Active Security Monitor\ASMonitor.exe
[Scan path] c:\programmer\canon\easy-printtoolbox\bjpsmain.exe
[Scan path] C:\WINDOWS\system32\ctfmon.exe
[Scan path] C:\Programmer\Messenger\msmsgs.exe
[Scan path] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
[Scan path] c:\progra~1\grisoft\avgfre~1\avgw.exe
[Scan path] C:\Documents and Settings\Karsten Mortensen\Menuen Start\Programmer\Start\desktop.ini
[Scan path] C:\Programmer\Microsoft Office\Office\OSA9.EXE
[Scan path] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
[Scan path] C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
[Scan path] C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
[Scan path] C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[Scan path] C:\WINDOWS\system32\mmsys.cpl
[Scan path] C:\WINDOWS\system32\icmui.dll
[Scan path] C:\WINDOWS\system32\rshx32.dll
[Scan path] C:\WINDOWS\system32\docprop.dll
[Scan path] C:\WINDOWS\system32\ntshrui.dll
[Scan path] C:\WINDOWS\system32\themeui.dll
[Scan path] C:\WINDOWS\system32\deskadp.dll
[Scan path] C:\WINDOWS\system32\deskmon.dll
[Scan path] C:\WINDOWS\system32\dssec.dll
[Scan path] C:\WINDOWS\system32\SlayerXP.dll
[Scan path] C:\WINDOWS\system32\shscrap.dll
[Scan path] C:\WINDOWS\system32\diskcopy.dll
[Scan path] C:\WINDOWS\system32\ntlanui2.dll
[Scan path] C:\WINDOWS\system32\printui.dll
[Scan path] C:\WINDOWS\system32\dskquoui.dll
[Scan path] C:\WINDOWS\system32\syncui.dll
[Scan path] C:\WINDOWS\system32\hticons.dll
[Scan path] C:\WINDOWS\system32\fontext.dll
[Scan path] C:\WINDOWS\system32\deskperf.dll
[Scan path] C:\WINDOWS\system32\cryptext.dll
[Scan path] C:\WINDOWS\system32\NETSHELL.dll
[Scan path] C:\WINDOWS\system32\wiashext.dll
[Scan path] C:\WINDOWS\system32\remotepg.dll
[Scan path] C:\WINDOWS\system32\wshext.dll
[Scan path] C:\Programmer\Fælles filer\System\Ole DB\oledb32.dll
[Scan path] C:\WINDOWS\system32\mstask.dll
[Scan path] C:\WINDOWS\system32\shdocvw.dll
[Scan path] C:\WINDOWS\system32\wuaucpl.cpl
[Scan path] C:\WINDOWS\system32\twext.dll
[Scan path] C:\WINDOWS\system32\shmedia.dll
[Scan path] C:\WINDOWS\system32\browseui.dll
[Scan path] C:\WINDOWS\system32\sendmail.dll
[Scan path] C:\WINDOWS\system32\occache.dll
[Scan path] C:\WINDOWS\system32\webcheck.dll
[Scan path] C:\WINDOWS\system32\appwiz.cpl
[Scan path] C:\WINDOWS\system32\shimgvw.dll
[Scan path] C:\WINDOWS\system32\netplwiz.dll
[Scan path] C:\WINDOWS\system32\zipfldr.dll
[Scan path] C:\WINDOWS\system32\cdfview.dll
[Scan path] C:\WINDOWS\system32\extmgr.dll
[Scan path] C:\WINDOWS\system32\msieftp.dll
[Scan path] C:\WINDOWS\system32\docprop2.dll
[Scan path] C:\WINDOWS\system32\dsquery.dll
[Scan path] C:\WINDOWS\system32\dsuiext.dll
[Scan path] C:\WINDOWS\system32\mydocs.dll
[Scan path] C:\WINDOWS\System32\cscui.dll
[Scan path] C:\WINDOWS\msagent\agentpsh.dll
[Scan path] C:\WINDOWS\system32\dfsshlex.dll
[Scan path] C:\WINDOWS\system32\photowiz.dll
[Scan path] C:\WINDOWS\System32\mmcshext.dll
[Scan path] C:\WINDOWS\system32\cabview.dll
[Scan path] C:\Programmer\Outlook Express\wabfind.dll
[Scan path] C:\WINDOWS\system32\wmpshell.dll
[Scan path] C:\Programmer\Grisoft\AVG Free\avgse.dll
[Scan path] C:\WINDOWS\system32\Audiodev.dll
[Scan path] C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL
[Scan path] C:\WINDOWS\system32\mscoree.dll
[Scan path] C:\Programmer\Ahead\InCD\incdshx.dll
[Scan path] C:\Programmer\iTunes\iTunesMiniPlayer.dll
[Scan path] C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
[Scan path] C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
[Scan path] C:\WINDOWS\system32\SHELL32.dll
[Scan path] C:\WINDOWS\system32\stobject.dll
[Scan path] C:\WINDOWS\system32\Ati2evxx.dll
[Scan path] C:\WINDOWS\system32\crypt32.dll
[Scan path] C:\WINDOWS\system32\cryptnet.dll
[Scan path] C:\WINDOWS\system32\cscdll.dll
[Scan path] C:\Programmer\SUPERAntiSpyware\SASWINLO.DLL
[Scan path] C:\WINDOWS\system32\wlnotify.dll
[Scan path] C:\WINDOWS\system32\sclgntfy.dll
[Scan path] C:\WINDOWS\system32\WgaLogon.dll
[Scan path] C:\WINDOWS\system32\DRIVERS\ACPI.sys
[Scan path] C:\WINDOWS\system32\drivers\aec.sys
[Scan path] C:\WINDOWS\System32\drivers\afd.sys
[Scan path] C:\WINDOWS\system32\drivers\ALCXSENS.SYS
[Scan path] C:\WINDOWS\system32\drivers\ALCXWDM.SYS
[Scan path] c:\windows\system32\svchost.exe
[Scan path] C:\WINDOWS\System32\alg.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\amdk7.sys
[Scan path] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\asyncmac.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\atapi.sys
[Scan path] C:\WINDOWS\system32\Ati2evxx.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\atmarpc.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\audstub.sys
[Scan path] C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
[Scan path] C:\WINDOWS\System32\Drivers\avg7core.sys
[Scan path] C:\WINDOWS\System32\Drivers\avg7rsw.sys
[Scan path] C:\WINDOWS\System32\Drivers\avg7rsxp.sys
[Scan path] C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
[Scan path] C:\WINDOWS\System32\Drivers\avgtdi.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\cdrom.sys
[Scan path] C:\WINDOWS\system32\cisvc.exe
[Scan path] C:\WINDOWS\system32\clipsrv.exe
[Scan path] c:\windows\system32\dllhost.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\d347bus.sys
[Scan path] C:\WINDOWS\System32\Drivers\d347prt.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\disk.sys
[Scan path] c:\windows\system32\dmadmin.exe
[Scan path] C:\WINDOWS\System32\drivers\dmboot.sys
[Scan path] C:\WINDOWS\System32\drivers\dmio.sys
[Scan path] C:\WINDOWS\System32\drivers\dmload.sys
[Scan path] C:\WINDOWS\system32\drivers\DMusic.sys
[Scan path] C:\WINDOWS\system32\drivers\drmkaud.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\fdc.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\flpydisk.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\fltMgr.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ftdisk.sys
[Scan path] C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\msgpc.sys
[Scan path] C:\WINDOWS\System32\Drivers\HTTP.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\i8042prt.sys
[Scan path] C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\imapi.sys
[Scan path] C:\WINDOWS\system32\imapi.exe
[Scan path] C:\WINDOWS\System32\DRIVERS\InCDPass.sys
[Scan path] C:\Programmer\Ahead\InCD\InCDsrv.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ipinip.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ipnat.sys
[Scan path] C:\Programmer\iPod\bin\iPodService.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\ipsec.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\irenum.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\isapnp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\kbdclass.sys
[Scan path] C:\WINDOWS\system32\drivers\kmixer.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys
[Scan path] C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys
[Scan path] C:\WINDOWS\System32\Drivers\LHidUsb.Sys
[Scan path] C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys
[Scan path] C:\WINDOWS\system32\drivers\MTictwl.sys
[Scan path] C:\WINDOWS\system32\mnmsrvc.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\mouclass.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\mouhid.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\mrxdav.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
[Scan path] C:\WINDOWS\system32\msdtc.exe
[Scan path] c:\windows\system32\msiexec.exe
[Scan path] C:\WINDOWS\system32\drivers\MSKSSRV.sys
[Scan path] C:\WINDOWS\system32\drivers\MSPCLOCK.sys
[Scan path] C:\WINDOWS\system32\drivers\MSPQM.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\mssmbios.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ndistapi.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ndisuio.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ndiswan.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\netbios.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\netbt.sys
[Scan path] C:\WINDOWS\system32\netdde.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\parport.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\pci.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\raspptp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\psched.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ptilink.sys
[Scan path] C:\WINDOWS\System32\Drivers\PxHelp20.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\rasacd.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\raspppoe.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\raspti.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\rdbss.sys
[Scan path] C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
[Scan path] C:\WINDOWS\system32\sessmgr.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\redbook.sys
[Scan path] C:\WINDOWS\system32\locator.exe
[Scan path] C:\WINDOWS\system32\rsvp.exe
[Scan path] C:\Programmer\SUPERAntiSpyware\SASDIFSV.SYS
[Scan path] C:\Programmer\SUPERAntiSpyware\SASENUM.SYS
[Scan path] C:\Programmer\SUPERAntiSpyware\SASKUTIL.sys
[Scan path] C:\WINDOWS\System32\SCardSvr.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\secdrv.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\serenum.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\serial.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\sisgrp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\siside.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\srvkp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\sisnic.sys
[Scan path] C:\WINDOWS\system32\drivers\splitter.sys
[Scan path] C:\WINDOWS\system32\spoolsv.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\sr.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\srv.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\swenum.sys
[Scan path] C:\WINDOWS\system32\drivers\swmidi.sys
[Scan path] C:\WINDOWS\system32\drivers\sysaudio.sys
[Scan path] C:\WINDOWS\system32\smlogsvc.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\tcpip.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\termdd.sys
[Scan path] C:\WINDOWS\system32\wdfmgr.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\update.sys
[Scan path] C:\WINDOWS\System32\ups.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\usbehci.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\usbhub.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\usbohci.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\usbprint.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\usbscan.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
[Scan path] C:\WINDOWS\System32\drivers\vga.sys
[Scan path] C:\WINDOWS\System32\vssvc.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\wanarp.sys
[Scan path] C:\WINDOWS\system32\drivers\wdmaud.sys
[Scan path] C:\WINDOWS\system32\wbem\wmiapsrv.exe
[Scan path] C:\WINDOWS\system32\ntsd.exe
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 245
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 4642 Kb/s
Scan time: 00:00:12
-----------------------------------------------------------------------------

[Scan path] C:\
C:\WINDOWS\system32\config\system.LOG - read error
C:\WINDOWS\system32\config\software.LOG - read error
C:\WINDOWS\system32\config\default.LOG - read error
C:\WINDOWS\system32\config\SAM.LOG - read error
C:\WINDOWS\system32\config\SECURITY.LOG - read error
C:\WINDOWS\system32\config\DEFAULT - read error
C:\WINDOWS\system32\config\SECURITY - read error
C:\WINDOWS\system32\config\SOFTWARE - read error
C:\WINDOWS\system32\config\SYSTEM - read error
C:\WINDOWS\system32\config\SAM - read error
C:\Documents and Settings\NetworkService\NTUSER~1.LOG - read error
C:\Documents and Settings\NetworkService\NTUSER.DAT - read error
C:\Documents and Settings\NetworkService\Lokale indstillinger\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Documents and Settings\NetworkService\Lokale indstillinger\Application Data\Microsoft\Windows\USRCLASS.DAT - read error
C:\Documents and Settings\Karsten Mortensen\NTUSER~1.LOG - read error
C:\Documents and Settings\Karsten Mortensen\ntuser.dat - read error
>C:\Documents and Settings\Karsten Mortensen\Lokale indstillinger\Temp\uninstall.exe is riskware program Program.SaferScan - renamed
>C:\Documents and Settings\Karsten Mortensen\Lokale indstillinger\Temporary Internet Files\Content.IE5\C56JKP2F\444444[1].htm\Script.0 infected with Exploit.MhtRedir
>C:\Documents and Settings\Karsten Mortensen\Lokale indstillinger\Temporary Internet Files\Content.IE5\C56JKP2F\444444[1].htm\JavaScript.1 infected with VBS.Psyme.194
>C:\Documents and Settings\Karsten Mortensen\Lokale indstillinger\Temporary Internet Files\Content.IE5\C56JKP2F\444444[1].htm\JavaScript.2 infected with VBS.Psyme.193
>C:\Documents and Settings\Karsten Mortensen\Lokale indstillinger\Temporary Internet Files\Content.IE5\C56JKP2F\444444[1].htm\JavaScript.3 infected with VBS.Psyme.195
C:\Documents and Settings\Karsten Mortensen\Lokale indstillinger\Temporary Internet Files\Content.IE5\C56JKP2F\444444[1].htm - archive contains infected objects - moved
C:\Documents and Settings\Karsten Mortensen\Lokale indstillinger\Temporary Internet Files\Content.IE5\3YZL51ZR\ErrorSafeFreeInstall_dk[1].exe infected with Trojan.DownLoader.10963 - deleted
C:\Documents and Settings\Karsten Mortensen\Lokale indstillinger\Application Data\Microsoft\Windows\USRCLASS.DAT - read error
C:\Documents and Settings\Karsten Mortensen\Lokale indstillinger\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Programmer\TDC\TDCNetSupport\scripts\Helper.wsf infected with modification of JS.First - moved
C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP438\A0073284.dll is adware program Adware.Zango - renamed
>C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP438\A0073292.exe is adware program Adware.Zango - renamed
>C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP438\A0073293.dll is adware program Adware.Zango - renamed
>C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP438\A0073322.exe is adware program Adware.Zango - renamed
C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP458\A0085823.dll is adware program Adware.Zango - renamed
>C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP458\A0085885.exe is adware program Adware.Zango - renamed
>C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP458\A0085886.dll is adware program Adware.Zango - renamed

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 264568
Infected objects found: 5
Objects with modifications found: 1
Suspicious objects found: 0
Adware programs found: 7
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 1
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 1
Objects renamed: 8
Objects moved: 2
Objects ignored: 0
Scan speed: 507 Kb/s
Scan time: 02:15:00
-----------------------------------------------------------------------------

=============================================================================
Total session statistics
=============================================================================
Objects scanned: 264813
Infected objects found: 5
Objects with modifications found: 1
Suspicious objects found: 0
Adware programs found: 7
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 1
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 1
Objects renamed: 8
Objects moved: 2
Objects ignored: 0
Scan speed: 514 Kb/s
Scan time: 02:15:12
=============================================================================
SUPERAntiSpyware Scan Log
Generated 08/12/2006 at 12:41 PM

Core Rules Database Version : 3049
Trace Rules Database Version: 1098

Memory threats detected : 0
Registry threats detected : 6
File threats detected : 36

Spyware.ShopAtHomeSelect
[gah95on6] C:\WINDOWS\system32\gah95on6.exe
C:\WINDOWS\system32\gah95on6.exe

Adware.Tracking Cookie
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@clicktorrent[2].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@888[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@e2.emediate[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@track.adform[2].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@ad2.adecn[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@1066681172[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@cgi-bin[2].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@indexstats[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@adecn[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@ads.mininova[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@toplist.coverfox[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@clicksor[2].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@xiti[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@ad1.hardware[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@cassava[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@tracking.notabenestats[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@1071427968[2].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@ad.yieldmanager[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@ad.ofir[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@mediaplex[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@stat.postdanmark[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@ad.zanox[2].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@1071183736[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@partypoker[2].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@adtech[2].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@adopt.hbmediapro[2].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@indextools[1].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@globalstat[2].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@stats1.reliablestats[2].txt
C:\Documents and Settings\Karsten Mortensen\Cookies\karsten mortensen@smileycentral[1].txt
C:\Documents and Settings\Karsten Mortensen\Lokale indstillinger\Temp\Cookies\karsten mortensen@track.adform[1].txt
C:\Documents and Settings\Karsten Mortensen\Lokale indstillinger\Temp\Cookies\karsten mortensen@ad.yieldmanager[2].txt
C:\Documents and Settings\Karsten Mortensen\Lokale indstillinger\Temp\Cookies\karsten mortensen@revsci[2].txt
C:\Documents and Settings\Karsten Mortensen\Lokale indstillinger\Temp\Cookies\karsten mortensen@ads.mininova[1].txt

Adware.180solutions/ZangoSearch
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SAIX.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SAIX.dll#.Owner
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SAIX.dll#{DECEAAA2-370A-49BB-9362-68C3A58DDC62}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs#C:\WINDOWS\Downloaded Program Files\SAIX.dll [ ]

Trojan.Media-Codec
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\vcodec.exe

Trojan.Unknown Origin
C:\WINDOWS\system32\ot.ico
SUPERAntiSpyware Scan Log
Generated 08/12/2006 at 01:19 PM

Core Rules Database Version : 3049
Trace Rules Database Version: 1098

Memory threats detected : 0
Registry threats detected : 0
File threats detected : 12

Unclassified.Unknown Origin
C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP432\A0072980.exe
C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP433\A0073045.EXE
C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP440\A0073456.EXE
C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP440\A0073465.exe
C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP442\A0076669.EXE
C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP442\A0076678.exe
C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP443\A0080259.exe
C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP443\A0080268.EXE
C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP444\A0082495.EXE
C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP444\A0082504.exe
C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP444\A0082900.EXE
C:\System Volume Information\_restore{F1C67F73-8AD7-4C89-89E8-D3139F12739E}\RP444\A0082906.exe
Logfile of HijackThis v1.99.1
Scan saved at 13:45:03, on 12-08-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmer\Support.com\bin\tgcmd.exe
C:\Programmer\D-Tools\daemon.exe
C:\Programmer\Logitech\MouseWare\system\em_exec.exe
C:\Programmer\Ahead\InCD\InCD.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmer\AOL\Active Security Monitor\ASMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://GLOBAL.ACER.COM/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmer\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [DriveSelector] C:\Documents and Settings\Karsten Mortensen\Dokumenter\xcopy\Xpress\DriveSelect.exe
O4 - HKLM\..\Run: [hcenter] "C:\Programmer\Support.com\bin\tgcmd.exe" /server /startmonitor
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\system32\gah95on6.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmer\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [InCD] C:\Programmer\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ASM] "C:\Programmer\AOL\Active Security Monitor\ASMonitor.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programmer\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: HP Image Zone Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://netsupport2.tdconline.dk/sdccommon/download/tgctlar.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1129195194968
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://scanner.virus112.com/cabs/cssweb.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O20 - Winlogon Notify: SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programmer\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: WMC (Windows Media Connect) (WmcCds) - Unknown owner - c:\programmer\windows media connect\mswmccds.exe (file missing)
O23 - Service: Hjælpeprogram til WMC (Windows Media Connect) (WmcCdsLs) - Unknown owner - C:\Programmer\Windows Media Connect\mswmcls.exe (file missing)

Synes godt om

nva Praktikant

12. august 2006 - 17:40 #1

Du bør fixe denne med HiJackThis

O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\system32\gah95on6.exe

Udover den kan jeg ikke se andre problemer af betydning

Synes godt om

nva Praktikant

12. august 2006 - 17:41 #2

Hvis du kan finde exe-filen med en søgning (husk at søge i skjulte filer) så bør du slette den.

Synes godt om

forevernewbie Nybegynder

12. august 2006 - 18:59 #3

Det ser ud til at SuperAntiSpyware har ædt den fil, men ellers enig med NVA:

Spyware.ShopAtHomeSelect
[gah95on6] C:\WINDOWS\system32\gah95on6.exe
C:\WINDOWS\system32\gah95on6.exe

Synes godt om

karstenjunior Nybegynder

13. august 2006 - 11:20 #4

Jeg har efterfølgende kørt min avg, og den kommer med følgende meddelelse:
BlackBox.class virus identified Java/ByteVerify Doc. and settings/Karsten..
VerifyerBug.class do
Count.jar-1f4ead4 - 758f0 do
Beyond.class do

Så der er tilsyneladende stadig vira på min pc

Synes godt om

nva Praktikant

13. august 2006 - 11:51 #5

Du skal tømme java-cachen for at slippe af med Java/byteVerify

Synes godt om

nva Praktikant

13. august 2006 - 11:54 #6

Mener du kan gøre det via kontrolpanel - Java

Synes godt om

nva Praktikant

13. august 2006 - 11:55 #7

Se her http://www.eksperten.dk/spm/572742

Synes godt om

karstenjunior Nybegynder

14. august 2006 - 10:19 #8

Jeg har væreet inde på java kontrolpanel - det eneste ikon jeg har -. Der kan jeg ikke finde "plugins"

Synes godt om

nva Praktikant

14. august 2006 - 10:58 #9

Der er også mulighed for at slette alle temporære-filer når du går ind via det ikon. Slet alt temporært og prøv så at scanne med antivirus igen og se om det ikke er væk.

Synes godt om

forevernewbie Nybegynder

14. august 2006 - 14:21 #10

De skadelige filer er indkapslet i javacache, og kan ikke gøre skade derfra, men de skal da væk http://www.java.com/en/download/help/5000020300.xml

Synes godt om

karstenjunior Nybegynder

14. august 2006 - 16:38 #11

det hjalp nva
vh karsten

Synes godt om

nva Praktikant

15. august 2006 - 08:31 #12

Glæder mig - så lægger jeg lige et svar.

Synes godt om

nva Praktikant

18. august 2006 - 07:59 #13

Du har aldrig accepteret/lukket et eneste af dine spørgsmål????????????

Synes godt om

karstenjunior Nybegynder

18. august 2006 - 08:39 #14

jeg har flere gange forsøgt, men det slår ikke igennem

Synes godt om

nva Praktikant

18. august 2006 - 08:45 #15

Du kan kun gøre det hvis nogen har lagt et svar - ligger der kun kommentarer skal du bede om et svar eller lægge et selv hvis du ikke kunne bruge det input du fik fra folk. Problemet er at hvis du aldrig accepterer/lukker dine spørgsmål, bliver du betragtet som useriøs og får svært ved at få hjælp til sidst.

Synes godt om

Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Følg dette spørgsmål

Opret Preview

Se alle it-kurser fra Computerworld Kurser

IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel	Indlæg	Oprettet	Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus	22	26/11/202510:42	23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus	8	31/08/202519:08	01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus	10	03/02/202514:20	04/02/202511:05
mulig ukendt virus Af jackie18 i Virus	3	18/01/202514:07	18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus	13	18/01/202511:40	20/01/202517:53

Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten

Seneste artiklerRSS

10/04

Test: Denne mikro-pc er langt mere slagkraftig end den ser ud

10/04

SAS Institute rykker rundt i topledelsen: Her er selskabets nye danske landechef

10/04

Dansk AI-ekspert med ildevarslende spådom: "Vi er alle sammen på vej hen imod en stor sort mur, og vi aner ikke, hvad der findes på den anden side"

10/04

Nørgaard: Jeg er skuffet over Googles Gemini - og jeg har min egen forklaring på, hvorfor det er gået galt for Google

10/04

Først blev Teams smidt på porten – nu vil Frankrig også af med Windows

10/04

Nyt job til Danmarks bedste CISO: Får ansvaret for 64.000 ansatte

10/04

Flere hundredetusinder togrejsende ramt: Stjålne persondata sat til salg efter cyberangreb

10/04

Så meget får de danske it-konsulenter i løn: Næsten alle forventer mere i lønposen ved næsten lønforhandling

10/04

Her er 10 konkrete måder at måle på, om kunstig intelligens skaber værdi for dig

10/04

Microsoft sænker prisen på tre af sine cloud-løsninger med 20 procent

10/04

Kunstig intelligens i praksis – og uden hype

Vis flere artikler

IT-JOB

IT-Forsyningen I/S

It-specialist til serverteam

Politiets Efterretningstjeneste

Vi søger en AD-specialist, der vil arbejde i kernen af PET's IT-infrastruktur

Styrelsen for Danmarks Fængsler

Teknisk Product Owner og projektleder til stort digitaliseringsprojekt i Danmarks Fængsler

Unik System Design A/S

Strong Technical Project Manager with international experience

TV2

Informationssikkerhedskonsulent til TV 2 Security & Compliance

Vis flere jobs

Seneste spørgsmål Seneste aktivitet

I dag 08:32	Office pakke LTSC vs Retail? Af Don G i Office & Kontorpakker
I går 21:19	Lydindstilling Prosonic TV Af TageArent i Fjernsyn & projektorer
I går 15:37	Sort skærm Af mort1 i Windows
09/0412:32	iPadOS 26.4.1 kan ikke opdatere Af claes57 i Apps til iOS
08/0410:38	Indholdsfortegnelse ændrer sig, når jeg gemmer som PDF Af Jan K i Word

White papers

Undgå at printeren bliver svageste led i sikkerheden
Konica Minolta
Samarbejde mellem AI og mennesker styrker sikkerheden
Konica Minolta
Find den SOC-model, der virker i praksis
SecureDevice
Arctic Wolf Security Operations Report 2025: Indblik i moderne sikkerhedsdrift
Arctic Wolf

Flere white papers »