Søg
Avatar billede inari Nybegynder
09. december 2007 - 20:47 Der er 6 kommentarer

Meget langsom computer!

Computeren er utrolig langsom. Har køt forskellige scannere:

Logfile of HijackThis v1.99.1
Scan saved at 20:13:59, on 09-12-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\peter\Desktop\sikkerhed\alternativ.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://da.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://da.intl.acer.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Åbn på ny baggrundsfane - res://C:\Program Files\Windows Live Toolbar\Components\da-dk\msntabres.dll.mui/229?0e6c87f6dee244fd8538c1e3bf16f589
O8 - Extra context menu item: Åbn på ny forgrundsfane - res://C:\Program Files\Windows Live Toolbar\Components\da-dk\msntabres.dll.mui/230?0e6c87f6dee244fd8538c1e3bf16f589
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00C1329F-D6C9-46A2-8C3F-23F50977F0A5} (SMUpdateAX Class) - http://www.liquidlab.se/smupdate/stallet/SetupInf.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: eLock Service (eLockService) -  - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/09/2007 at 07:53 PM

Application Version : 3.7.1018

Core Rules Database Version : 3358
Trace Rules Database Version: 1357

Scan type      : Complete Scan
Total Scan Time : 01:17:01

Memory items scanned      : 161
Memory threats detected  : 0
Registry items scanned    : 5473
Registry threats detected : 0
File items scanned        : 38427
File threats detected    : 282

Adware.Tracking Cookie
    C:\Documents and Settings\peter\Cookies\peter@ads.estart[4].txt
    C:\Documents and Settings\peter\Cookies\peter@tracking.notabenestats[3].txt
    C:\Documents and Settings\peter\Cookies\peter@roiservice[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.hojmark[2].txt
    C:\Documents and Settings\peter\Cookies\peter@mediavantage[1].txt
    C:\Documents and Settings\peter\Cookies\peter@komtrack[2].txt
    C:\Documents and Settings\peter\Cookies\peter@oddcast[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ehg-legonewyorkinc.hitbox[3].txt
    C:\Documents and Settings\peter\Cookies\peter@e2.emediate[4].txt
    C:\Documents and Settings\peter\Cookies\peter@ad.adtoma[1].txt
    C:\Documents and Settings\peter\Cookies\peter@idtcalls[1].txt
    C:\Documents and Settings\peter\Cookies\peter@britembassy[1].txt
    C:\Documents and Settings\peter\Cookies\peter@hotbar[3].txt
    C:\Documents and Settings\peter\Cookies\peter@realmedia[2].txt
    C:\Documents and Settings\peter\Cookies\peter@bs.serving-sys[1].txt
    C:\Documents and Settings\peter\Cookies\peter@data4.perf.overture[3].txt
    C:\Documents and Settings\peter\Cookies\peter@adtech[1].txt
    C:\Documents and Settings\peter\Cookies\peter@clickski[1].txt
    C:\Documents and Settings\peter\Cookies\peter@statse.webtrendslive[1].txt
    C:\Documents and Settings\peter\Cookies\peter@track.adform[3].txt
    C:\Documents and Settings\peter\Cookies\peter@ads[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.as4x.tmcs[1].txt
    C:\Documents and Settings\peter\Cookies\peter@link-stats[2].txt
    C:\Documents and Settings\peter\Cookies\peter@indextools[4].txt
    C:\Documents and Settings\peter\Cookies\peter@ehg-dig.hitbox[1].txt
    C:\Documents and Settings\peter\Cookies\peter@qnsr[1].txt
    C:\Documents and Settings\peter\Cookies\peter@overture[3].txt
    C:\Documents and Settings\peter\Cookies\peter@ehg-skistar.hitbox[1].txt
    C:\Documents and Settings\peter\Cookies\peter@indexstats[3].txt
    C:\Documents and Settings\peter\Cookies\peter@as-us.falkag[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.pointroll[3].txt
    C:\Documents and Settings\peter\Cookies\peter@questionmarket[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ehg-tiscover.hitbox[2].txt
    C:\Documents and Settings\peter\Cookies\peter@try.starware[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.itv[1].txt
    C:\Documents and Settings\peter\Cookies\peter@hitbox[3].txt
    C:\Documents and Settings\peter\Cookies\peter@serving-sys[4].txt
    C:\Documents and Settings\peter\Cookies\peter@trafficmp[1].txt
    C:\Documents and Settings\peter\Cookies\peter@atdmt[2].txt
    C:\Documents and Settings\peter\Cookies\peter@vhost.oddcast[3].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.skisport[3].txt
    C:\Documents and Settings\peter\Cookies\peter@tradedoubler[4].txt
    C:\Documents and Settings\peter\Cookies\peter@as1.falkag[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ehg-nokiafin.hitbox[1].txt
    C:\Documents and Settings\peter\Cookies\peter@advertising[4].txt
    C:\Documents and Settings\peter\Cookies\peter@server.iad.liveperson[2].txt
    C:\Documents and Settings\peter\Cookies\peter@condor[2].txt
    C:\Documents and Settings\peter\Cookies\peter@adopt.euroclick[2].txt
    C:\Documents and Settings\peter\Cookies\peter@horoscopes[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ebookers[1].txt
    C:\Documents and Settings\peter\Cookies\peter@tdstats[1].txt
    C:\Documents and Settings\peter\Cookies\peter@tacoda[1].txt
    C:\Documents and Settings\peter\Cookies\peter@www.clickski[2].txt
    C:\Documents and Settings\peter\Cookies\peter@76711721[1].txt
    C:\Documents and Settings\peter\Cookies\peter@adfair[4].txt
    C:\Documents and Settings\peter\Cookies\peter@ad.ofir[2].txt
    C:\Documents and Settings\peter\Cookies\peter@revenue[3].txt
    C:\Documents and Settings\peter\Cookies\peter@casalemedia[1].txt
    C:\Documents and Settings\peter\Cookies\peter@msnportal.112.2o7[1].txt
    C:\Documents and Settings\peter\Cookies\peter@web-stat[2].txt
    C:\Documents and Settings\peter\Cookies\peter@saxopolagroup.122.2o7[2].txt
    C:\Documents and Settings\peter\Cookies\peter@franceguide[1].txt
    C:\Documents and Settings\peter\Cookies\peter@emediate[1].txt
    C:\Documents and Settings\peter\Cookies\peter@stat.onestat[2].txt
    C:\Documents and Settings\peter\Cookies\peter@valueclick[1].txt
    C:\Documents and Settings\peter\Cookies\peter@9551721[2].txt
    C:\Documents and Settings\peter\Cookies\peter@adrevolver[4].txt
    C:\Documents and Settings\peter\Cookies\peter@bannere.fyens[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ad1.emediate[1].txt
    C:\Documents and Settings\peter\Cookies\peter@xiti[1].txt
    C:\Documents and Settings\peter\Cookies\peter@2o7[3].txt
    C:\Documents and Settings\peter\Cookies\peter@wrigley.122.2o7[1].txt
    C:\Documents and Settings\peter\Cookies\peter@clickskicom.dynamicweb[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.rejsestart[2].txt
    C:\Documents and Settings\peter\Cookies\peter@adserver.banneradministration[2].txt
    C:\Documents and Settings\peter\Cookies\peter@mediaplex[1].txt
    C:\Documents and Settings\peter\Cookies\peter@cgi-bin[2].txt
    C:\Documents and Settings\peter\Cookies\peter@adbrite[1].txt
    C:\Documents and Settings\peter\Cookies\peter@adrevolver[5].txt
    C:\Documents and Settings\peter\Cookies\peter@doubleclick[1].txt
    C:\Documents and Settings\peter\Cookies\peter@fastclick[4].txt
    C:\Documents and Settings\peter\Cookies\peter@r72[2].txt
    C:\Documents and Settings\peter\Cookies\peter@linksynergy[1].txt
    C:\Documents and Settings\peter\Cookies\peter@azjmp[2].txt
    C:\Documents and Settings\peter\Cookies\peter@specificclick[3].txt
    C:\Documents and Settings\peter\Cookies\peter@popularscreensavers[1].txt
    C:\Documents and Settings\peter\Cookies\peter@a[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ehg-bskyb.hitbox[2].txt
    C:\Documents and Settings\peter\Cookies\peter@3.adbrite[2].txt
    C:\Documents and Settings\peter\Cookies\peter@tribalfusion[4].txt
    C:\Documents and Settings\peter\Cookies\peter@media.hotels[1].txt
    C:\Documents and Settings\peter\Cookies\peter@bonnier.banneradministration[1].txt
    C:\Documents and Settings\peter\Cookies\peter@edsa.122.2o7[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ad.zanox[1].txt
    C:\Documents and Settings\peter\Cookies\peter@powellsbooks.122.2o7[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.realtechnetwork[1].txt
    C:\Documents and Settings\peter\Cookies\peter@1068050097[1].txt
    C:\Documents and Settings\peter\Cookies\peter@sales.liveperson[2].txt
    C:\Documents and Settings\peter\Cookies\peter@zedo[2].txt
    C:\Documents and Settings\peter\Cookies\peter@stat.dealtime[1].txt
    C:\Documents and Settings\peter\Cookies\peter@1069789924[1].txt
    C:\Documents and Settings\peter\Cookies\peter@mdlfr[1].txt
    C:\Documents and Settings\peter\Cookies\peter@tracking.veille-referencement[1].txt
    C:\Documents and Settings\peter\Cookies\peter@cgi-bin[3].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.revsci[2].txt
    C:\Documents and Settings\peter\Cookies\peter@cgi-bin[1].txt
    C:\Documents and Settings\peter\Cookies\peter@click.tdc-online[2].txt
    C:\Documents and Settings\peter\Cookies\peter@netmediagroup[1].txt
    C:\Documents and Settings\peter\Cookies\peter@transmedia[1].txt
    C:\Documents and Settings\peter\Cookies\peter@h.starware[1].txt
    C:\Documents and Settings\peter\Cookies\peter@dealtime[1].txt
    C:\Documents and Settings\peter\Cookies\peter@superstats[1].txt
    C:\Documents and Settings\peter\Cookies\peter@server.cpmstar[3].txt
    C:\Documents and Settings\peter\Cookies\peter@advertising.parship[2].txt
    C:\Documents and Settings\peter\Cookies\peter@eas4.emediate[1].txt
    C:\Documents and Settings\peter\Cookies\peter@mediamac.comon[1].txt
    C:\Documents and Settings\peter\Cookies\peter@atwola[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ncom.banneradministration[1].txt
    C:\Documents and Settings\peter\Cookies\peter@adserver.spele[1].txt
    C:\Documents and Settings\peter\Cookies\peter@stats1.reliablestats[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ad.yieldmanager[3].txt
    C:\Documents and Settings\peter\Cookies\peter@eas.apm.emediate[3].txt
    C:\Documents and Settings\peter\Cookies\peter@mtg.banneradministration[1].txt
    C:\Documents and Settings\peter\Cookies\peter@statcounter[4].txt
    C:\Documents and Settings\peter\Cookies\peter@ehg-lifetimeentertainment.hitbox[2].txt
    C:\Documents and Settings\peter\Cookies\peter@toplist[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ehg-randomhouse.hitbox[1].txt
    C:\Documents and Settings\peter\Cookies\peter@48940962[2].txt
    C:\Documents and Settings\peter\Cookies\peter@perf.overture[1].txt
    C:\Documents and Settings\peter\Cookies\peter@45483392[1].txt
    C:\Documents and Settings\peter\Cookies\peter@banner.fynskemedier[2].txt
    C:\Documents and Settings\peter\Cookies\peter@den[1].txt
    C:\Documents and Settings\peter\Cookies\peter@cgi-bin[5].txt
    C:\Documents and Settings\peter\Cookies\peter@smileycentral[2].txt
    C:\Documents and Settings\peter\Cookies\peter@1059787306[1].txt
    C:\Documents and Settings\peter\Cookies\peter@jobzonen.112.2o7[1].txt
    C:\Documents and Settings\peter\Cookies\peter@1057684688[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.gamesbannernet[3].txt
    C:\Documents and Settings\peter\Cookies\peter@cz4.clickzs[3].txt
    C:\Documents and Settings\peter\Cookies\peter@1063212608[1].txt
    C:\Documents and Settings\peter\Cookies\peter@1067259290[1].txt
    C:\Documents and Settings\peter\Cookies\peter@rocku.adbureau[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.arto[2].txt
    C:\Documents and Settings\peter\Cookies\peter@adfarm1.adition[1].txt
    C:\Documents and Settings\peter\Cookies\peter@eboks.112.2o7[1].txt
    C:\Documents and Settings\peter\Cookies\peter@1066449470[1].txt
    C:\Documents and Settings\peter\Cookies\peter@microsoftwga.112.2o7[1].txt
    C:\Documents and Settings\peter\Cookies\peter@pulz.banneradministration[1].txt
    C:\Documents and Settings\peter\Cookies\peter@media.adrevolver[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ehg-accenture.hitbox[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ilead.itrack[1].txt
    C:\Documents and Settings\peter\Cookies\peter@1063891971[1].txt
    C:\Documents and Settings\peter\Cookies\peter@politiken.112.2o7[1].txt
    C:\Documents and Settings\peter\Cookies\peter@1070614286[1].txt
    C:\Documents and Settings\peter\Cookies\peter@fco[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.adbrite[2].txt
    C:\Documents and Settings\peter\Cookies\peter@videoegg.adbureau[2].txt
    C:\Documents and Settings\peter\Cookies\peter@1070802378[1].txt
    C:\Documents and Settings\peter\Cookies\peter@stat.novasol[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.habbogroup[2].txt
    C:\Documents and Settings\peter\Cookies\peter@1069646404[1].txt
    C:\Documents and Settings\peter\Cookies\peter@tipsbladet.banneradministration[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.habbohotel[2].txt
    C:\Documents and Settings\peter\Cookies\peter@1068752956[1].txt
    C:\Documents and Settings\peter\Cookies\peter@bizrate[1].txt
    C:\Documents and Settings\peter\Cookies\peter@track.webgains[1].txt
    C:\Documents and Settings\peter\Cookies\peter@outrider.112.2o7[1].txt
    C:\Documents and Settings\peter\Cookies\peter@work[2].txt
    C:\Documents and Settings\peter\Cookies\peter@revsci[2].txt
    C:\Documents and Settings\peter\Cookies\peter@screensavers[2].txt
    C:\Documents and Settings\peter\Cookies\peter@banner.gratis-ting[3].txt
    C:\Documents and Settings\peter\Cookies\peter@ad.roiworld[1].txt
    C:\Documents and Settings\peter\Cookies\peter@nike.112.2o7[1].txt
    C:\Documents and Settings\peter\Cookies\peter@1072357160[1].txt
    C:\Documents and Settings\peter\Cookies\peter@counter.hitslink[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.stardoll[1].txt
    C:\Documents and Settings\peter\Cookies\peter@1072718419[1].txt
    C:\Documents and Settings\peter\Cookies\peter@1071331674[1].txt
    C:\Documents and Settings\peter\Cookies\peter@1070527576[1].txt
    C:\Documents and Settings\peter\Cookies\peter@adservicemedia[2].txt
    C:\Documents and Settings\peter\Cookies\peter@22659619[2].txt
    C:\Documents and Settings\peter\Cookies\peter@7372395[1].txt
    C:\Documents and Settings\peter\Cookies\peter@playnetwork.112.2o7[1].txt
    C:\Documents and Settings\peter\Cookies\peter@bluestreak[1].txt
    C:\Documents and Settings\peter\Cookies\peter@cgi-bin[8].txt
    C:\Documents and Settings\peter\Cookies\peter@imeem.112.2o7[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ukvisas[1].txt
    C:\Documents and Settings\peter\Cookies\peter@1059176333[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ad.bannerconnect[2].txt
    C:\Documents and Settings\peter\Cookies\peter@yadro[1].txt
    C:\Documents and Settings\peter\Cookies\peter@trinitymirror.112.2o7[1].txt
    C:\Documents and Settings\peter\Cookies\peter@postclicktracking[1].txt
    C:\Documents and Settings\peter\Cookies\peter@philips.112.2o7[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ehg-holidaybreak.hitbox[2].txt
    C:\Documents and Settings\peter\Cookies\peter@watagame.banneradministration[3].txt
    C:\Documents and Settings\peter\Cookies\peter@cgi-bin[7].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.freeonlinegames[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ad-indicator[2].txt
    C:\Documents and Settings\peter\Cookies\peter@adserver[2].txt
    C:\Documents and Settings\peter\Cookies\peter@adserver[1].txt
    C:\Documents and Settings\peter\Cookies\peter@1066630892[1].txt
    C:\Documents and Settings\peter\Cookies\peter@21526[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.freeway[1].txt
    C:\Documents and Settings\peter\Cookies\peter@2o7[2].txt
    C:\Documents and Settings\peter\Cookies\peter@serving-sys[2].txt
    C:\Documents and Settings\peter\Cookies\peter@advertising[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.pointroll[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.rejsestart[1].txt
    C:\Documents and Settings\peter\Cookies\peter@fastclick[2].txt
    C:\Documents and Settings\peter\Cookies\peter@revenue[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.skisport[2].txt
    C:\Documents and Settings\peter\Cookies\peter@oddcast[1].txt
    C:\Documents and Settings\peter\Cookies\peter@server.iad.liveperson[1].txt
    C:\Documents and Settings\peter\Cookies\peter@valueclick[2].txt
    C:\Documents and Settings\peter\Cookies\peter@tracking.notabenestats[1].txt
    C:\Documents and Settings\peter\Cookies\peter@vhost.oddcast[2].txt
    C:\Documents and Settings\peter\Cookies\peter@e2.emediate[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.estart[2].txt
    C:\Documents and Settings\peter\Cookies\peter@as1.falkag[1].txt
    C:\Documents and Settings\peter\Cookies\peter@indextools[2].txt
    C:\Documents and Settings\peter\Cookies\peter@data4.perf.overture[2].txt
    C:\Documents and Settings\peter\Cookies\peter@overture[2].txt
    C:\Documents and Settings\peter\Cookies\peter@atwola[1].txt
    C:\Documents and Settings\peter\Cookies\peter@revsci[1].txt
    C:\Documents and Settings\peter\Cookies\peter@tribalfusion[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ehg-legonewyorkinc.hitbox[2].txt
    C:\Documents and Settings\peter\Cookies\peter@emediate[2].txt
    C:\Documents and Settings\peter\Cookies\peter@tradedoubler[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.stardoll[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ehg-nokiafin.hitbox[2].txt
    C:\Documents and Settings\peter\Cookies\peter@m1.webstats4u[2].txt
    C:\Documents and Settings\peter\Cookies\peter@indexstats[2].txt
    C:\Documents and Settings\peter\Cookies\peter@adbrite[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ehg-dig.hitbox[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ad1.emediate[2].txt
    C:\Documents and Settings\peter\Cookies\peter@adrevolver[1].txt
    C:\Documents and Settings\peter\Cookies\peter@server.cpmstar[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ad.yieldmanager[1].txt
    C:\Documents and Settings\peter\Cookies\peter@statcounter[1].txt
    C:\Documents and Settings\peter\Cookies\peter@adfair[2].txt
    C:\Documents and Settings\peter\Cookies\peter@adrevolver[3].txt
    C:\Documents and Settings\peter\Cookies\peter@statse.webtrendslive[2].txt
    C:\Documents and Settings\peter\Cookies\peter@adserver.banneradministration[1].txt
    C:\Documents and Settings\peter\Cookies\peter@bs.serving-sys[2].txt
    C:\Documents and Settings\peter\Cookies\peter@hotbar[2].txt
    C:\Documents and Settings\peter\Cookies\peter@casalemedia[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.arto[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ad.zanox[2].txt
    C:\Documents and Settings\peter\Cookies\peter@track.adform[2].txt
    C:\Documents and Settings\peter\Cookies\peter@hitbox[1].txt
    C:\Documents and Settings\peter\Cookies\peter@track.adform[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.adbrite[1].txt
    C:\Documents and Settings\peter\Cookies\peter@server.iad.liveperson[3].txt
    C:\Documents and Settings\peter\Cookies\peter@azjmp[1].txt
    C:\Documents and Settings\peter\Cookies\peter@specificclick[2].txt
    C:\Documents and Settings\peter\Cookies\peter@indextools[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.skisport[1].txt
    C:\Documents and Settings\peter\Cookies\peter@zedo[1].txt
    C:\Documents and Settings\peter\Cookies\peter@tradedoubler[3].txt
    C:\Documents and Settings\peter\Cookies\peter@serving-sys[3].txt
    C:\Documents and Settings\peter\Cookies\peter@e2.emediate[3].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.estart[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ad1.emediate[3].txt
    C:\Documents and Settings\peter\Cookies\peter@stats[1].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.gamesbannernet[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ads.ak.facebook[1].txt
    C:\Documents and Settings\peter\Cookies\peter@track.adform[4].txt
    C:\Documents and Settings\peter\Cookies\peter@eas.apm.emediate[1].txt
    C:\Documents and Settings\peter\Cookies\peter@advertising[3].txt
    C:\Documents and Settings\peter\Cookies\peter@adbrite[3].txt
    C:\Documents and Settings\peter\Cookies\peter@statcounter[3].txt
    C:\Documents and Settings\peter\Cookies\peter@tribalfusion[3].txt
    C:\Documents and Settings\peter\Cookies\peter@ad.zanox[3].txt
    C:\Documents and Settings\peter\Cookies\peter@rocku.adbureau[2].txt
    C:\Documents and Settings\peter\Cookies\peter@revsci[3].txt
    C:\Documents and Settings\peter\Cookies\peter@watagame.banneradministration[1].txt
    C:\Documents and Settings\peter\Cookies\peter@cz4.clickzs[2].txt
    C:\Documents and Settings\peter\Cookies\peter@fastclick[3].txt
    C:\Documents and Settings\peter\Cookies\peter@adfair[3].txt
    C:\Documents and Settings\peter\Cookies\peter@banner.gratis-ting[2].txt
    C:\Documents and Settings\peter\Cookies\peter@ad.yieldmanager[2].txt
    C:\Documents and Settings\peter\Cookies\peter@metatraffic[1].txt

********************************* ROOTCHK-(5-12-07)-LOG, by ejvindh
09-12-2007 17:27:36,00

Driver npf (visible) is present. Run COMBOFIX by sUBs.

********************************* ROOTCHK-LOG-end


catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-09 17:27:38
Windows 5.1.2600 Service Pack 2
scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

hidden processes: 0
hidden services: 0
hidden files: 0

ComboFix 07-12-09.1 - peter 2007-12-09 17:30:33.1 - FAT32x86
Microsoft Windows XP Professional  5.1.2600.2.1252.45.1033.18.529 [GMT 1:00]
Running from: C:\Documents and Settings\peter\Desktop\sikkerhed\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((((((  Other Deletions  )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\WanPacket.dll
C:\WINDOWS\system32\wpcap.dll

.
(((((((((((((((((((((((((((((((((((((((  Drivers/Services  )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_NPF
-------\NPF


(((((((((((((((((((((((((  Files Created from 2007-11-09 to 2007-12-09  )))))))))))))))))))))))))))))))
.

2007-12-09 17:24 . 2007-12-09 17:24    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-12-09 17:23 . 2007-12-09 17:23    <DIR>    d--------    C:\Program Files\SUPERAntiSpyware
2007-12-09 17:23 . 2007-12-09 17:23    <DIR>    d--------    C:\Program Files\Common Files\Wise Installation Wizard
2007-12-09 17:23 . 2007-12-09 17:23    <DIR>    d--------    C:\Documents and Settings\peter\Application Data\SUPERAntiSpyware.com
2007-12-09 17:20 . 2007-12-09 17:20    <DIR>    d--------    C:\Program Files\CCleaner
2007-11-18 22:42 . 2007-11-29 22:55    54,156    --ah-----    C:\WINDOWS\QTFont.qfn
2007-11-18 22:42 . 2007-11-18 22:42    1,409    --a------    C:\WINDOWS\QTFont.for
2007-11-18 22:40 . 2007-11-18 22:40    <DIR>    d--------    C:\Program Files\Apple Software Update
2007-11-18 22:40 . 2007-11-18 22:40    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-18 22:40 . 2007-11-18 22:40    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\Apple
2007-11-18 22:37 . 2007-11-18 22:37    <DIR>    d--------    C:\Program Files\QuickTime

.
((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-26 03:34    8,460,288    ----a-w    C:\WINDOWS\system32\dllcache\shell32.dll
2007-09-27 17:52    60,800    ----a-w    C:\WINDOWS\system32\S32EVNT1.DLL
.

(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 04:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-11 11:22]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-04-23 15:46]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 13:56]
"preload"="C:\Windows\RUNXMLPL.exe" [2005-05-19 17:09]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-16 16:32]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 20:51]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 14:50 C:\WINDOWS\AGRSMMSG.exe]
"ntiMUI"="C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 17:15]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 04:00]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 04:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 04:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 04:00]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-22 22:19]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-10 04:00 C:\WINDOWS\system32\rundll32.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-10 04:00 C:\WINDOWS\system32\rundll32.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 17:56 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 19:04 C:\WINDOWS\SkyTel.exe]
"LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe" [2005-07-25 13:36]
"LManager"="C:\Program Files\Launch Manager\HotkeyApp.exe" [2006-04-19 15:08]
"CtrlVol"="C:\Program Files\Launch Manager\CtrlVol.exe" [2003-09-16 14:28]
"LMgrOSD"="C:\Program Files\Launch Manager\OSDCtrl.exe" [2005-07-25 10:45]
"Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" [2006-04-20 09:23]
"eLockMonitor"="C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe" []
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 15:00]
"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-03-30 18:47]
"Boot"="C:\Acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 22:12]
"Acer ePresentation HPD"="C:\Acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 16:39]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 14:40]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2006-06-23 10:39]
"LogitechCameraAssistant"="C:\Program Files\Acer\OrbiCam\CameraAssistant.exe" [2006-06-26 15:47]
"LogitechVideo[inspector]"="C:\Program Files\Acer\OrbiCam\InstallHelper.exe" [2006-06-26 15:55]
"LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [2004-11-01 18:22]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-11-18 22:37]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 04:00]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06]
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2006-11-26 05:16:42]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

R0 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys
R0 viaagp;VIA AGP Bus Filter;C:\WINDOWS\system32\DRIVERS\viaagp.sys
R1 Hotkey;Hotkey;C:\WINDOWS\system32\drivers\Hotkey.sys
R2 EpmPsd;Acer EPM Power Scheme Driver;\??\C:\WINDOWS\system32\drivers\epm-psd.sys
R2 EpmShd;Acer EPM System Hardware Driver;\??\C:\WINDOWS\system32\drivers\epm-shd.sys
R2 int15;int15;\??\C:\WINDOWS\system32\drivers\int15.sys
R2 tvicport;tvicport;\??\C:\WINDOWS\system32\drivers\tvicport.sys
R3 lv321av;Logitech USB PC Camera (VC0321);C:\WINDOWS\system32\DRIVERS\lv321av.sys
R3 LVPrcMon;Logitech LVPrcMon Driver;\??\C:\WINDOWS\system32\drivers\LVPrcMon.sys
R3 psdfilter;psdfilter;\??\C:\WINDOWS\system32\Drivers\psdfilter.sys
R3 psdvdisk;psdvdisk;\??\C:\WINDOWS\system32\Drivers\psdvdisk.sys
S1 Wbutton;Wbutton;C:\WINDOWS\system32\drivers\Wbutton.sys

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2007-10-26 21:07:18 C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - peter.job"
"2007-11-18 21:40:16 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-12-09 14:56:02 C:\WINDOWS\Tasks\Søg efter opdateringer til Windows Live Toolbar.job"
.
**************************************************************************

catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-09 17:38:27
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
"LogitechCameraAssistant"="C:\\Program Files\\Acer\\OrbiCam\\CameraAssistant.exe"
.
Completion time: 2007-12-09 17:42:02 - machine was rebooted
.
    --- E O F ---
Avatar billede Computer Hjælp (Gratis) Mester
09. december 2007 - 21:42 #1
Umiddelbart er loggen nu ren - ComboFix har også deleted nogle elementer...

Du har jo også den store Norton/Symantec pakke; rimelig kendt for at trække en den kræfter...

----------------

Jeg kan se at du - måske mere eller mindre mod din vilje - har installeret [Yahoo Toolbar] ?
Den er dog ikke 'farlig', men bare et irriterende program/toolbar som bare fylder op.
Hvis du vil slippe af med den kan du følge guiden herfra ->
http://support.microsoft.com/kb/303047

----------------

Registreringsdatabase oprydning kan anbefales ->
RegCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm (Specielt punktet [Register]...)
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller nej til den.
Avatar billede inari Nybegynder
09. december 2007 - 22:21 #2
Ok det var rart at vide.

Yahoo Toolbar er blevet fjernet igen og der er ligeledes blevet udført oprydning af registreringsdatabasen med CCleaner.
Avatar billede oskar Nybegynder
09. december 2007 - 23:35 #3
Andre ting der kan gøre en maskine langsom: Manglende plads på hd (under 15 %), mangledne defragmentering, problemfyldte sektorer ( kør chkdsk), fejl i pagefile, overfyldte temp-mapper, fejl i ram ( jeg fik 35% bedre ydelse ved at skifte ram på en ærbar i sidste uge)...
Avatar billede oskar Nybegynder
09. december 2007 - 23:42 #4
b, hovsa der manglede vist i b i sidste linje. :)
Avatar billede Jensen DK Novice
10. december 2007 - 06:56 #5
http://www.eksperten.dk/spm/805208
Hvad med at lukke dette spørgsmål det er ens med det nu stillede.
Avatar billede Jensen DK Novice
10. december 2007 - 06:59 #6
Du kan læse her om hvordan man lukker et spørgsmål: http://expfaq.dk/behandling_af_svar#behandling_af_svar
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus 22 26/11/202510:42 23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus 8 31/08/202519:08 01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus 10 03/02/202514:20 04/02/202511:05
mulig ukendt virus Af jackie18 i Virus 3 18/01/202514:07 18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus 13 18/01/202511:40 20/01/202517:53
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
IT-JOB

Styrelsen For It og Læring

Product Owner til samfundsvigtige it-løsninger

Netcompany A/S

IT Manager

Metroselskabet og Hovedstadens Letbane

Data Engineer at Metroselskabet

Patent- og Varemærkestyrelsen

Softwareudvikler

Jyske Bank

Udvikling af kreditrisikomodeller for erhvervskunder
Seneste spørgsmål Seneste aktivitet
27/1222:02 Låse brugt iPad op Af drstein i iOS, iPhone & iPad
27/1219:21 Hvor finder jeg en oversigt over mine spørgsmål Af KurtG i Hjælp og fejl
27/1211:31 TP-Link Wifi extender opsat som accesspoint giver 50% up- og download, Af Uvanga i Wifi
26/1213:05 Hvorfor bliver tiff-filer større ved konvertering til samme format Af KurtG i Billedbehandling
23/1221:36 Gøre Ikonerne lidt større i proceslinjen (Windows 10) Af Ikke-ekspert i Windows
White papers
Flere white papers »