buls Seniormester
20 October 2007 - 10:43 There are 7 comments and 1 solution

Slow on the internet

Hi. I have some problems when I'm online. When I need to get into my online bank (it uses Java), I can spend almost 10 minutes getting into the online bank. I have Skype on my PC, and there it's as if it stutters. And the rest of the internet is a bit sluggish too. I have been in and tested the speed and it is good enough. It's as if something is working in the background and draining the power from the PC. Help
arlet Juniormester
20 October 2007 - 11:01 #1
Follow this guide:
http://www.malwarecheck.dk/forum/viewtopic.php?t=9

Then we can see whether it is junk that is blocking..
buls Seniormester
20 October 2007 - 11:29 #2
Here they are:

Logfile of HijackThis v1.99.0
Scan saved at 11:20, on 2007-10-20
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Bc Transport\Gem\Hp\Smart Web Printing\hpswp_clipbook.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Windows\explorer.exe
C:\Users\Bc Transport\Gem\Spion\Hickjack\hijackthis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://da.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://da.intl.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Users\Bc Transport\Gem\Hp\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: HP Klipsamling - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Users\Bc Transport\Gem\Hp\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart markering - {700259D7-1666-479a-93B1-3250410481E8} - C:\Users\Bc Transport\Gem\Hp\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O15 - Trusted Zone: *.danskebank.dk
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eDSService.exe - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 - Unknown - %windir%\system32\svchost.exe (file missing)
O23 - Service: eLock Service - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service - Unknown - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Symantec IS Password Validation - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NMIndexingService - Unknown - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 - Unknown - %windir%\system32\svchost.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) - Unknown - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 - Unknown - %windir%\system32\svchost.exe (file missing)
O23 - Service: Symantec Core LC - Unknown - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: ePower Service - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

********************************* ROOTCHK-(21-09-07)-LOG, by ejvindh
2007-10-20 11:22:13.70

The rootkits that are detected by this tool were not found.

********************************* ROOTCHK-LOG-end


catchme 0.3.1160 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-20 11:22:14
Windows 6.0.6000
scanning hidden processes ...

scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0016cff795c1]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0016cff795c1]

scanning hidden registry entries ...

scanning hidden files ...

hidden processes: 0
hidden services: 0
hidden files: 0

Bye
arlet Juniormester
20 October 2007 - 11:32 #3
You did not download HijackThis from my link, because it is an old version you are using..

That's a do-over *S*
buls Seniormester
20 October 2007 - 12:08 #4
Oops, here is a new one:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:08, on 2007-10-20
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Bc Transport\Gem\Hp\Smart Web Printing\hpswp_clipbook.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Program Files\HJTrenamed.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://da.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://da.intl.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Users\Bc Transport\Gem\Hp\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETVÆRKSTJENESTE')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: HP Klipsamling - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Users\Bc Transport\Gem\Hp\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart markering - {700259D7-1666-479a-93B1-3250410481E8} - C:\Users\Bc Transport\Gem\Hp\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O15 - Trusted Zone: *.danskebank.dk
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8441 bytes
arlet Juniormester
20 October 2007 - 13:18 #5
Let CCleaner do a clean-up: www.arlet.dk/ccleaner.htm

Run step 1 here http://www.malwarecheck.dk/forum/viewtopic.php?t=11 and post the log

In addition, you need to download:
ComboFix from one of these links, and save it to your desktop:
http://download.bleepingcomputer.com/sUBs/combofix.exe
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe

-- Then run combofix.exe, which you downloaded earlier, and follow the instructions.
You should not click on the window while the tool is running, as that can cause your computer to freeze.
When ComboFix is finished, and after it has restarted, a log file should open: combofix.txt
Please post the contents of this file here.

NOTE that ComboFix is detected as infected by some virus scanners. There is nothing to this, however.
buls Seniormester
20 October 2007 - 16:46 #6
Here is one of them:

ComboFix 07-10-17.8@ - Bc Transport 2007-10-20 13:46:21.2 - NTFSx86
Microsoft© Windows Vista™ Home Premium  6.0.6000.0.1252.1.1030.18.1116 [GMT 2:00]
Running from: C:\Users\Bc Transport\Desktop\Ny mappe\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((  Other Deletions  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Windows\system32\AutoRun.inf

.
(((((((((((((((((((((((((  Files Created from 2007-09-20 to 2007-10-20  )))))))))))))))))))))))))))))))
.

2007-10-20 12:03    401,720    --a------    C:\Program Files\HJTrenamed.exe
2007-10-19 13:25    <DIR>    d--------    C:\Users\Bc Transport\AppData\Roaming\Skype
2007-10-19 13:24    <DIR>    d--------    C:\Program Files\Skype
2007-10-19 13:24    <DIR>    d--------    C:\Program Files\Common Files\Skype
2007-10-15 18:54    <DIR>    d--------    C:\Windows\pss
2007-10-14 11:29    51,200    --a------    C:\Windows\NirCmd.exe
2007-10-14 10:26    <DIR>    d--------    C:\Users\All Users\Grisoft
2007-10-14 10:26    <DIR>    d--------    C:\ProgramData\Grisoft
2007-10-13 13:57    <DIR>    d--------    C:\Users\Bc Transport\AppData\Roaming\Spybot - Search & Destroy
2007-10-10 16:27    8,147,968    --a------    C:\Windows\System32\wmploc.DLL
2007-10-10 16:27    356,864    --a------    C:\Windows\System32\MediaMetadataHandler.dll
2007-10-10 16:27    7,680    --a------    C:\Windows\System32\spwmp.dll
2007-10-10 16:27    4,096    --a------    C:\Windows\System32\dxmasf.dll
2007-10-10 14:01    788,992    --a------    C:\Windows\System32\rpcrt4.dll
2007-10-10 14:01    737,792    --a------    C:\Windows\System32\inetcomm.dll
2007-10-10 14:01    84,480    --a------    C:\Windows\System32\INETRES.dll
2007-10-10 13:05    <DIR>    d--------    C:\Users\Bc Transport\AppData\Roaming\HP
2007-10-10 12:39    113,984    --a------    C:\Windows\hpqins13.dat
2007-10-10 12:29    <DIR>    d--------    C:\Users\All Users\WEBREG
2007-10-10 12:29    <DIR>    d--------    C:\ProgramData\WEBREG
2007-10-10 12:18    113,373    --a------    C:\Windows\hpqins11.dat
2007-10-10 11:59    <DIR>    d--------    C:\Users\All Users\HPSSUPPLY
2007-10-10 11:59    <DIR>    d--------    C:\ProgramData\HPSSUPPLY
2007-10-10 11:58    <DIR>    d--------    C:\Users\Bc Transport\AppData\Roaming\HPAppData
2007-10-10 11:48    <DIR>    d--------    C:\Users\All Users\HP Product Assistant
2007-10-10 11:48    <DIR>    d--------    C:\ProgramData\HP Product Assistant
2007-10-10 11:46    <DIR>    d--------    C:\Program Files\Common Files\HP
2007-10-10 11:44    <DIR>    d--------    C:\Program Files\Common Files\Hewlett-Packard
2007-10-10 11:37    <DIR>    d--------    C:\Program Files\HP
2007-10-10 11:26    <DIR>    d--------    C:\Users\All Users\Hewlett-Packard
2007-10-10 11:26    <DIR>    d--------    C:\ProgramData\Hewlett-Packard
2007-10-10 11:18    157,896    --a------    C:\Windows\hpoins14.dat
2007-10-10 11:18    2,000    ---------    C:\Windows\hpomdl14.dat
2007-10-10 11:02    267,864    --a------    C:\Windows\System32\hpzids01.dll
2007-10-10 11:01    117,760    --a------    C:\Windows\System32\hpzll5ha.dll
2007-10-10 10:56    675,840    --a------    C:\Windows\System32\hpowiax3.dll
2007-10-10 10:56    569,344    --a------    C:\Windows\System32\hpotscl3.dll
2007-10-10 10:56    364,544    --a------    C:\Windows\System32\hppldcoi.dll
2007-10-10 10:56    309,760    --a------    C:\Windows\System32\difxapi.dll
2007-10-10 10:56    303,104    --a------    C:\Windows\System32\hpovst10.dll
2007-10-10 10:46    <DIR>    d--------    C:\Users\All Users\HP
2007-10-10 10:46    <DIR>    d--------    C:\ProgramData\HP
2007-10-08 20:08    <DIR>    d--------    C:\Users\Bc Transport\AppData\Roaming\Lavasoft

.
((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-20 10:08    8,442    ----a-w    C:\Program Files\hijackthis.log
2007-10-19 11:25    ---------    d-----w    C:\ProgramData\Skype
2007-10-18 10:12    ---------    d-----w    C:\Program Files\Java
2007-10-15 08:29    13,354    ----a-w    C:\Users\Bc Transport\AppData\Roaming\nvModes.dat
2007-10-10 15:22    ---------    d--h--w    C:\Program Files\InstallShield Installation Information
2007-10-10 15:09    ---------    d-----w    C:\Program Files\Windows Mail
2007-10-10 12:03    56,320    ----a-w    C:\Windows\System32\iesetup.dll
2007-10-10 12:03    52,736    ----a-w    C:\Windows\AppPatch\iebrshim.dll
2007-10-10 12:03    26,624    ----a-w    C:\Windows\System32\ieUnatt.exe
2007-10-08 21:23    ---------    d-----w    C:\Program Files\Yahoo!
2007-10-08 21:15    805    ----a-w    C:\Windows\system32\drivers\SYMEVENT.INF
2007-10-08 21:15    123,952    ----a-w    C:\Windows\system32\drivers\SYMEVENT.SYS
2007-10-08 21:15    10,740    ----a-w    C:\Windows\system32\drivers\SYMEVENT.CAT
2007-10-08 21:15    ---------    d-----w    C:\Program Files\Symantec
2007-10-08 21:13    ---------    d-----w    C:\Program Files\hp deskjet 3420 series
2007-10-08 21:13    ---------    d-----w    C:\Program Files\Hewlett-Packard
2007-10-03 07:00    ---------    d-----w    C:\Program Files\Norton Internet Security
2007-09-26 12:29    ---------    d-----w    C:\ProgramData\Symantec
2007-09-18 12:44    10,662    ----a-w    C:\Windows\system32\drivers\srtspx.cat
2007-09-18 12:44    10,662    ----a-w    C:\Windows\system32\drivers\srtspl.cat
2007-09-18 12:44    10,658    ----a-w    C:\Windows\system32\drivers\srtsp.cat
2007-09-18 12:44    1,430    ----a-w    C:\Windows\system32\drivers\srtspl.inf
2007-09-18 12:44    1,421    ----a-w    C:\Windows\system32\drivers\srtspx.inf
2007-09-18 12:44    1,415    ----a-w    C:\Windows\system32\drivers\srtsp.inf
2007-09-18 12:43    43,696    ----a-w    C:\Windows\system32\drivers\srtspx.sys
2007-09-18 12:43    317,616    ----a-w    C:\Windows\system32\drivers\srtspl.sys
2007-09-18 12:43    278,576    ----a-w    C:\Windows\system32\drivers\srtsp.sys
2007-09-09 08:43    ---------    d-----w    C:\Program Files\Nero
2007-09-09 08:36    ---------    d-----w    C:\Program Files\Common Files\Ahead
2007-09-09 08:25    ---------    d-----w    C:\Users\Bc Transport\AppData\Roaming\Acoustica
2007-09-09 08:25    ---------    d-----w    C:\Program Files\Common Files\LightScribe
2007-08-29 17:40    174    --sha-w    C:\Program Files\desktop.ini
2007-08-29 14:10    ---------    d-----w    C:\Program Files\Windows Calendar
2007-08-29 14:06    8,192    ----a-w    C:\Windows\System32\riched32.dll
2007-08-29 14:06    77,824    ----a-w    C:\Windows\System32\rascfg.dll
2007-08-29 14:06    70,144    ----a-w    C:\Windows\system32\drivers\pacer.sys
2007-08-29 14:06    61,952    ----a-w    C:\Windows\system32\drivers\wanarp.sys
2007-08-29 14:06    52,736    ----a-w    C:\Windows\System32\rasdiag.dll
2007-08-29 14:06    48,640    ----a-w    C:\Windows\system32\drivers\ndproxy.sys
2007-08-29 14:06    384,000    ----a-w    C:\Windows\System32\netcfgx.dll
2007-08-29 14:06    33,280    ----a-w    C:\Windows\System32\traffic.dll
2007-08-29 14:06    32,768    ----a-w    C:\Windows\System32\rasmxs.dll
2007-08-29 14:06    286,208    ----a-w    C:\Windows\System32\ipnathlp.dll
2007-08-29 14:06    22,016    ----a-w    C:\Windows\System32\rasser.dll
2007-08-29 14:06    20,480    ----a-w    C:\Windows\system32\drivers\ndistapi.sys
2007-08-29 14:06    15,360    ----a-w    C:\Windows\System32\pacerprf.dll
2007-08-29 14:06    13,824    ----a-w    C:\Windows\System32\wshqos.dll
2007-08-29 14:06    13,824    ----a-w    C:\Windows\System32\icsunattend.exe
2007-08-29 14:05    694,784    ----a-w    C:\Windows\System32\localspl.dll
2007-08-29 14:05    619,008    ----a-w    C:\Windows\system32\drivers\dxgkrnl.sys
2007-08-29 14:05    36,864    ----a-w    C:\Windows\System32\cdd.dll
2007-08-29 14:05    134,656    ----a-w    C:\Windows\System32\dps.dll
2007-08-29 14:04    88,576    ----a-w    C:\Windows\System32\avifil32.dll
2007-08-29 14:04    82,944    ----a-w    C:\Windows\System32\mciavi32.dll
2007-08-29 14:04    8,138,240    ----a-w    C:\Windows\System32\ssBranded.scr
2007-08-29 14:04    750,080    ----a-w    C:\Windows\System32\qmgr.dll
2007-08-29 14:04    712,192    ----a-w    C:\Windows\System32\WindowsCodecs.dll
2007-08-29 14:04    704,000    ----a-w    C:\Windows\System32\PhotoScreensaver.scr
2007-08-29 14:04    69,632    ----a-w    C:\Windows\System32\sendmail.dll
2007-08-29 14:04    65,024    ----a-w    C:\Windows\System32\avicap32.dll
2007-08-29 14:04    61,440    ----a-w    C:\Windows\System32\ntprint.exe
2007-08-29 14:04    31,232    ----a-w    C:\Windows\System32\msvidc32.dll
2007-08-29 14:04    3,504,824    ----a-w    C:\Windows\System32\ntkrnlpa.exe
2007-08-29 14:04    3,470,008    ----a-w    C:\Windows\System32\ntoskrnl.exe
2007-08-29 14:04    269,824    ----a-w    C:\Windows\System32\schannel.dll
2007-08-29 14:04    220,160    ----a-w    C:\Windows\System32\ntprint.dll
2007-08-29 14:04    123,904    ----a-w    C:\Windows\System32\msvfw32.dll
2007-08-29 14:04    120,320    ----a-w    C:\Windows\System32\dhcpcsvc6.dll
2007-08-29 14:04    12,800    ----a-w    C:\Windows\System32\msrle32.dll
2007-08-29 14:04    10,240    ----a-w    C:\Windows\System32\dhcpcmonitor.dll
2007-08-29 14:04    1,984,512    ----a-w    C:\Windows\System32\authui.dll
2007-08-24 20:24    1,191,936    ----a-w    C:\Windows\System32\msxml3.dll
2007-08-24 20:22    1,335,296    ----a-w    C:\Windows\System32\msxml6.dll
2007-08-24 16:08    1,275,392    ----a-w    C:\Windows\System32\msxml4.dll
2007-08-24 14:04    80,896    ----a-w    C:\Windows\System32\wudriver.dll
2007-08-24 14:04    549,720    ----a-w    C:\Windows\System32\wuapi.dll
2007-08-24 14:04    53,080    ----a-w    C:\Windows\System32\wuauclt.exe
2007-08-24 14:04    43,352    ----a-w    C:\Windows\System32\wups2.dll
2007-08-24 14:04    33,624    ----a-w    C:\Windows\System32\wups.dll
2007-08-24 14:04    1,712,984    ----a-w    C:\Windows\System32\wuaueng.dll
2007-08-24 14:04    1,524,224    ----a-w    C:\Windows\System32\wucltux.dll
2007-08-24 14:03    31,232    ----a-w    C:\Windows\System32\wuapp.exe
2007-08-24 14:03    163,000    ----a-w    C:\Windows\System32\wuwebv.dll
2007-07-18 16:40:03    16,384    --sha-w    C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2007-07-18 16:40:03    32,768    --sha-w    C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2007-07-18 16:40:03    16,384    --sha-w    C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

(((((((((((((((((((((((((((((  snapshot@2007-10-14_11.36.50,20  )))))))))))))))))))))))))))))))))))))))))
.
- 2007-10-14 09:25:06    67,584    --s-a-w    C:\Windows\bootstat.dat
+ 2007-10-20 11:36:35    67,584    --s-a-w    C:\Windows\bootstat.dat
- 2007-10-14 09:27:41    262,144    --sha-w    C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2007-10-20 11:39:06    262,144    --sha-w    C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2007-10-20 11:39:06    262,144    ---ha-w    C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2007-10-14 09:27:48    262,144    --sha-w    C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2007-10-20 11:39:00    262,144    --sha-w    C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2007-10-20 11:39:00    262,144    ---ha-w    C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2007-10-14 08:29:44    16,384    --sha-w    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-10-20 11:42:32    16,384    --sha-w    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2007-10-14 08:29:44    32,768    --sha-w    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-10-20 11:42:32    32,768    --sha-w    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-10-14 08:29:44    16,384    --sha-w    C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-10-20 11:42:32    16,384    --sha-w    C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-10-14 09:31:50    262,144    ----a-w    C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2007-10-20 11:46:06    262,144    ----a-w    C:\Windows\System32\config\systemprofile\ntuser.dat
- 2007-05-09 17:42:22    135,168    ----a-w    C:\Windows\System32\java.exe
+ 2007-09-24 20:30:28    135,168    ----a-w    C:\Windows\System32\java.exe
- 2007-05-09 17:42:22    135,168    ----a-w    C:\Windows\System32\javaw.exe
+ 2007-09-24 20:30:30    135,168    ----a-w    C:\Windows\System32\javaw.exe
- 2007-05-09 17:42:22    139,264    ----a-w    C:\Windows\System32\javaws.exe
+ 2007-09-24 21:31:42    139,264    ----a-w    C:\Windows\System32\javaws.exe
+ 2007-06-11 20:04:36    190,696    ----a-r    C:\Windows\System32\Macromed\Flash\FlashUtil9d.exe
+ 2007-10-19 09:35:10    48,749    ----a-w    C:\Windows\System32\Macromed\Flash\uninstall_activeX.exe
- 2007-10-14 09:31:58    84,876    ----a-w    C:\Windows\System32\perfc006.dat
+ 2007-10-20 11:41:32    84,876    ----a-w    C:\Windows\System32\perfc006.dat
- 2007-10-14 09:31:58    107,614    ----a-w    C:\Windows\System32\perfc009.dat
+ 2007-10-20 11:41:32    107,614    ----a-w    C:\Windows\System32\perfc009.dat
- 2007-10-14 09:31:58    493,914    ----a-w    C:\Windows\System32\perfh006.dat
+ 2007-10-20 11:41:32    493,914    ----a-w    C:\Windows\System32\perfh006.dat
- 2007-10-14 09:31:59    618,470    ----a-w    C:\Windows\System32\perfh009.dat
+ 2007-10-20 11:41:32    618,470    ----a-w    C:\Windows\System32\perfh009.dat
- 2007-10-05 08:07:31    279,552    ----a-w    C:\Windows\System32\swreg.exe
+ 2007-04-02 12:21:27    139,776    ----a-w    C:\Windows\System32\swreg.exe
- 2007-10-14 09:33:26    8,234    ----a-w    C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-671560006-3277342790-4209314387-1000_UserData.bin
+ 2007-10-20 11:42:41    8,464    ----a-w    C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-671560006-3277342790-4209314387-1000_UserData.bin
- 2007-10-14 09:32:11    84,478    ----a-w    C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2007-10-20 11:41:46    85,076    ----a-w    C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2007-10-14 09:28:13    51,494    ----a-w    C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2007-10-20 11:39:23    53,226    ----a-w    C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
2007-03-02 16:52    177768    -ra------    C:\Users\Bc Transport\Gem\Hp\Smart Web Printing\hpswp_framework.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-05-06 09:46]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 21:00]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 22:59]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2006-11-21 22:42]
"Acer Tour"="" []
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 18:58]
"eRecoveryService"="" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"MSConfig"="C:\Windows\system32\msconfig.exe" [2006-11-02 11:45]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 14:35]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35]
"Acer Tour Reminder"="" []
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:36]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 20:05:56]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=eNetHook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\Windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
backup=C:\Windows\pss\BTTray.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
backup=C:\Windows\pss\Empowering Technology Launcher.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
"C:\Users\Bc Transport\Desktop\Ny mappe (2)\AVG Anti-Spyware 7.5\avgas.exe" /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
C:\Acer\AcerTour\Reminder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Users\Bc Transport\Gem\Hp\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
"C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\LManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
"C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
C:\Acer\WR_PopUp\WarReg_PopUp.exe

R0 nvstor32;nvstor32;C:\Windows\system32\DRIVERS\nvstor32.sys
R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys
R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys
R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys
R0 UBHelper;UBHelper;C:\Windows\system32\drivers\UBHelper.sys
R1 IDSvix86;Symantec Intrusion Prevention Driver;\??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20070801.001\IDSvix86.sys
R2 eDataSecurity Service;eDSService.exe;"C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe"
R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe
R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
R2 int15;int15;\??\C:\Windows\system32\drivers\int15.sys
R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe -p
R2 WMIService;ePower Service;C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys
R3 Cam5607;Acer OrbiCam;C:\Windows\system32\Drivers\BisonC07.sys
R3 nvlddmkm;nvlddmkm;C:\Windows\system32\DRIVERS\nvlddmkm.sys
R3 nvsmu;nvsmu;C:\Windows\system32\DRIVERS\nvsmu.sys
R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS
S3 athr;Enhedsdriver til Atheros Extensible Trådløst netværk;C:\Windows\system32\DRIVERS\athr.sys
S3 BCM43XV;Driver til Broadcom Extensible 802.11-netværkskort;C:\Windows\system32\DRIVERS\bcmwl6.sys
S3 btwaudio;Bluetooth-audioenhed;C:\Windows\system32\drivers\btwaudio.sys
S3 btwavdt;Bluetooth AVDT Service;C:\Windows\system32\drivers\btwavdt.sys
S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys
S3 DKbFltr;Dritek Keyboard Filter Driver;C:\Windows\system32\DRIVERS\DKbFltr.sys
S3 RTL8169;Realtek 8169 NT-driver;C:\Windows\system32\DRIVERS\Rtlh86.sys
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS);C:\Windows\system32\DRIVERS\s116nd5.sys
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM);C:\Windows\system32\DRIVERS\s116unic.sys
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM);C:\Windows\system32\DRIVERS\SE2Ebus.sys
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\SE2Emdfl.sys
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\SE2Emdm.sys
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\SE2Emgmt.sys
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\SE2Eobex.sys
S3 viaagp;VIA AGP Bus Filter;C:\Windows\system32\drivers\viaagp.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted    hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
bthsvcs    BthServ
HPZ12    Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt    hpqcxs08 hpqddsvc

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2007-09-28 18:09:08 C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Bc Transport.job"
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-20 13:54:30
Windows 6.0.6000  NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2007-10-20 13:57:23
.
    --- E O F

I have tried running the other one twice, but it stalls in the middle of it all ?? (SuperAntiSpyware)
buls Seniormester
25 October 2007 - 21:40 #7
Hi. If nobody else can help with this question, I will close this down ??

Thanks
buls Seniormester
27 October 2007 - 13:47 #8
Closing down