Notifikationer

Markér alle som læst Log ud

djgreg Nybegynder

26. december 2007 - 10:05 Der er 59 kommentarer og
2 løsninger

Hijack this

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:59, on 2007-12-26
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programmer\Antiy Labs\Alive\ALiveCenter.exe
D:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe
D:\WINDOWS\System32\wdfmgr.exe
D:\WINDOWS\System32\MsPMSPSv.exe
D:\Programmer\Canon\CAL\CALMAIN.exe
D:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
D:\WINDOWS\Explorer.EXE
D:\Programmer\iTunes\iTunesHelper.exe
D:\Programmer\QuickTime\qttask.exe
D:\Programmer\Microsoft Security Adviser\mssadv.exe
D:\WINDOWS\System32\newmaxxsv234.exe
D:\Programmer\MSN Messenger\msnmsgr.exe
D:\Programmer\iPod\bin\iPodService.exe
D:\WINDOWS\System32\dllgh8jkd1q2.exe
D:\WINDOWS\System32\dllgh8jkd1q5.exe
D:\WINDOWS\System32\vedxga1me4t1.exe
D:\WINDOWS\System32\vedxg4am1et2.exe
D:\WINDOWS\System32\vedxg3am1et3.exe
D:\WINDOWS\System32\wbem\wmiprvse.exe
D:\WINDOWS\taskmon.exe
D:\WINDOWS\System32\shift.exe.exe
D:\DOCUME~1\ANDR~1\LOKALE~1\Temp\15.tmp
D:\WINDOWS\System32\alt.exe.exe
D:\DOCUME~1\ANDR~1\LOKALE~1\Temp\11.tmp.exe
D:\WINDOWS\17PHolmes27.exe
D:\WINDOWS\System32\cmd.exe
D:\Documents and Settings\André\Skrivebord\Ny mappe\HiJackThis.exe
D:\Programmer\Internet Explorer\IEXPLORE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dr.dk/sporten
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://85.255.113.67/privacyWarning.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,D:\WINDOWS\System32\ntos.exe,
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmer\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BearFlix] "D:\Programmer\BearFlix\BearFlix.exe" /pause
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [msctrl.exe] D:\Programmer\Microsoft Security Adviser\msctrl.exe
O4 - HKLM\..\Run: [msavsc.exe] D:\Programmer\Microsoft Security Adviser\msavsc.exe
O4 - HKLM\..\Run: [msscan.exe] D:\Programmer\Microsoft Security Adviser\msscan.exe
O4 - HKLM\..\Run: [msiemon.exe] D:\Programmer\Microsoft Security Adviser\msiemon.exe
O4 - HKLM\..\Run: [msfw.exe] D:\Programmer\Microsoft Security Adviser\msfw.exe
O4 - HKLM\..\Run: [Microsoft security adviser] D:\Programmer\Microsoft Security Adviser\mssadv.exe
O4 - HKLM\..\Run: [System] D:\WINDOWS\System32\kernelwind32.exe
O4 - HKLM\..\Run: [SystemSv12] D:\WINDOWS\System32\newmaxxsv234.exe
O4 - HKLM\..\Run: [PromoReg] D:\WINDOWS\System32\alt.exe.exe
O4 - HKLM\..\Run: [taskmon] D:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [runner1] D:\WINDOWS\mrofinu27.exe 61A847B5BBF72810358B2B27128065E9C084320161C4661227A755E9C2933154389A
O4 - HKLM\..\Run: [runtime.exe] D:\WINDOWS\System32\runtime.exe
O4 - HKCU\..\Run: [msctrl.exe] D:\Programmer\Microsoft Security Adviser\msctrl.exe
O4 - HKCU\..\Run: [msavsc.exe] D:\Programmer\Microsoft Security Adviser\msavsc.exe
O4 - HKCU\..\Run: [msscan.exe] D:\Programmer\Microsoft Security Adviser\msscan.exe
O4 - HKCU\..\Run: [msiemon.exe] D:\Programmer\Microsoft Security Adviser\msiemon.exe
O4 - HKCU\..\Run: [msfw.exe] D:\Programmer\Microsoft Security Adviser\msfw.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Microsoft security adviser] D:\Programmer\Microsoft Security Adviser\mssadv.exe
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [Service Pack 1] D:\WINDOWS\System32\vedxg6ame4.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [Ordbogen.com] D:\Programmer\CoolSystems\ordbogen.com\ordbogen.exe (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: ClickOff.lnk = D:\Programmer\ClickOff\Clickoff.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - D:\Programmer\MP3 Player Utilities 3.79\AMVConverter\grab.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\Programmer\MP3 Player Utilities 3.79\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: Opret Foretrukken på mobil enhed - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Opret Foretrukken på mobil enhed... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: D:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.bgbank.dk/html/activex/BG/Menu.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1133301966077
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - Winlogon Notify: !SASWinLogon - D:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: botreg - D:\Documents and Settings\All Users\Dokumenter\Settings\bot.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - D:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Gatewaytjeneste til programlaget (ALG) - Unknown owner - cmd.exe (file missing)
O23 - Service: Gatewaytjeneste til programlaget ALGuploadmgr (ALGuploadmgr) - Unknown owner - D:\WINDOWS\System32\a3dj.exe (file missing)
O23 - Service: Antiy live update (Alive Auto-Update Service) - Unknown owner - D:\Programmer\Antiy Labs\Alive\ALiveCenter.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - D:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: Hændelseslog EventlogNla (EventlogNla) - Unknown owner - D:\WINDOWS\System32\advpackf.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: COM-tjenesten IMAPI cd-skrivning ImapiServiceALG (ImapiServiceALG) - Unknown owner - D:\WINDOWS\System32\1031l.exe (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Messenger MessengerSSDPSRV (MessengerSSDPSRV) - Unknown owner - D:\WINDOWS\System32\advapi32b.exe (file missing)
O23 - Service: NetMeeting - Deling af fjernskrivebord mnmsrvcUMWdf (mnmsrvcUMWdf) - Unknown owner - D:\WINDOWS\System32\1037d.exe
O23 - Service: Network DDE DSDM NetDDEdsdmMessengerSSDPSRV (NetDDEdsdmMessengerSSDPSRV) - Unknown owner - D:\WINDOWS\System32\activedsph.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: NVIDIA Display Driver Service NVSvcMSIServer (NVSvcMSIServer) - Unknown owner - D:\WINDOWS\System32\1031p.exe (file missing)
O23 - Service: Office Source Engine oseose (oseose) - Unknown owner - D:\WINDOWS\System32\147657854r.exe (file missing)
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - D:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Chipkort SCardSvrose (SCardSvrose) - Unknown owner - D:\WINDOWS\System32\activedsp.exe (file missing)
O23 - Service: Firewall til Internetforbindelse / Deling af Internetforbindelse SharedAccesswinmgmt (SharedAccesswinmgmt) - Unknown owner - D:\WINDOWS\System32\1033d.exe (file missing)
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - D:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe

--
End of file - 11746 bytes

Synes godt om

fromsej Praktikant

26. december 2007 - 10:29 #1

Netbank og fildeling, modig mand vil jeg sige.
Umiddelbart vil jeg sige www.helgec.dk/killdisk.html og forfra, denne gang med Servicepack 2 installeret inden den går på nettet.

Vi kan prøve om vi kan rense den, så skal du følge hele vejledningen i denne artikel:
http://www.eksperten.dk/artikler/1123

Synes godt om

Computer Hjælp (Gratis) Mester

26. december 2007 - 12:22 #2

SUK ...
... den er en kandidat til top 10 listen indenfor skrækeksempler ...

Også herfra -> Det er en OMMER...

Synes godt om

Jensen DK Novice

26. december 2007 - 14:14 #3

Utrogeligt at der stadig findes nogen der er så modig.

Synes godt om

Jensen DK Novice

26. december 2007 - 14:17 #4

http://www.eksperten.dk/spm/803084
Se her han har prøvet det før, uden at blive klogere.

Synes godt om

djgreg Nybegynder

26. december 2007 - 15:16 #5

wow folk er søde. Jeg klarer den selv med fromsejs vejledning. Servicepacken er sat til, jeg troede den skulle downloades, men nu så jeg på microsofts hjemmeside at den bare skulle sættes til.

Synes godt om

Computer Hjælp (Gratis) Mester

26. december 2007 - 16:15 #6

Jamen det gælder vi os da til *S*
"...Servicepacken er sat til...den bare skulle sættes til..." - hvordan skal det forståes ?

Der er mindste ti (10) Uønskede elementer ifølge ovenstående log + dem som ikke umiddelbart viser sig med en HiJackThis Log ...
Men det har du vist fået at vide før ? Ref.: http://www.eksperten.dk/spm/803084 ...

Synes godt om

djgreg Nybegynder

26. december 2007 - 17:56 #7

Kan du ikke sige hvilke det er i stedet? Du er ikke til særlig megen hjælp, kun til hån. Konstant. Gider du ikke lade folk som gider hjælpe skrive til mig i stedet?

Synes godt om

Computer Hjælp (Gratis) Mester

26. december 2007 - 18:15 #8

http://www.eksperten.dk/artikler/1123

Synes godt om

fromsej Praktikant

27. december 2007 - 14:08 #9

Kommer der nogle logfiler?

Synes godt om

djgreg Nybegynder

27. december 2007 - 20:10 #10

Ja, har lige afinstalleret bearshare, så vidt jeg kan se. Sig hvis den stadig er der, og så har jeg endelig kørt scannerne helt igenne. Min computer blev ved med at genstarte, så var nødt til at starte og forfra igen og igen, og nu kørte jeg dem så i fejlsikret. Sætter det ind her snart

Synes godt om

djgreg Nybegynder

28. december 2007 - 09:59 #11

Årh, ret så irriterende dette. Jeg havde unde min første scanning af superantispyware ikke opdateret scanneren, og det gjorde jeg dermed. Så fandt den en masse som jeg så slettede. Derefter ville jeg lave nye logfiler med hjt, rootcheck osv., men de vil nu slet ikke åbne. Til gengæld er computeren blevet en del bedre efter scanningen med superantispyware

Synes godt om

fromsej Praktikant

28. december 2007 - 10:22 #12

Den vigtigste er Combofix.
Prøv om du kan få den til at køre, evt i fejlsikret.

Synes godt om

djgreg Nybegynder

28. december 2007 - 15:39 #13

Combofix vil ikke åbne. Heller ikke i fejlsikret. Nettet går også ned regelmæssigt. Og når jeg kører i normal tilstand genstarter den tit pludselig hvor der står "windows lukkes", og så lukker den alle programmerne. Jeg vedlægger lige den nyeste hjt-log efter diverse ting er kørt igennem.

Logfile of HijackThis v1.99.1
Scan saved at 15:39, on 2007-12-28
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\savedump.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Programmer\Internet Explorer\IEXPLORE.EXE
D:\Programmer\Internet Explorer\IEXPLORE.EXE
D:\Programmer\Mozilla Firefox\firefox.exe
D:\André\André\Musik\alternativ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,D:\WINDOWS\System32\ntos.exe,
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmer\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [taskmon] D:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [Medichi] medichi.exe
O4 - HKLM\..\Run: [Medichi2] medichi2.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: ClickOff.lnk = D:\Programmer\ClickOff\Clickoff.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Add to AMV Convert Tool... - D:\Programmer\MP3 Player Utilities 3.79\AMVConverter\grab.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\Programmer\MP3 Player Utilities 3.79\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Opret Foretrukken på mobil enhed - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Opret Foretrukken på mobil enhed... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: D:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.bgbank.dk/html/activex/BG/Menu.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1133301966077
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: murka.dat
O20 - Winlogon Notify: !SASWinLogon - D:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: botreg - D:\Documents and Settings\All Users\Dokumenter\Settings\bot.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - D:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Gatewaytjeneste til programlaget (ALG) - Unknown owner - cmd.exe (file missing)
O23 - Service: Gatewaytjeneste til programlaget ALGuploadmgr (ALGuploadmgr) - Unknown owner - D:\WINDOWS\System32\a3dj.exe (file missing)
O23 - Service: Antiy live update (Alive Auto-Update Service) - Unknown owner - D:\Programmer\Antiy Labs\Alive\ALiveCenter.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - D:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: Hændelseslog EventlogNla (EventlogNla) - Unknown owner - D:\WINDOWS\System32\advpackf.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: COM-tjenesten IMAPI cd-skrivning ImapiServiceALG (ImapiServiceALG) - Unknown owner - D:\WINDOWS\System32\1031l.exe (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Messenger MessengerSSDPSRV (MessengerSSDPSRV) - Unknown owner - D:\WINDOWS\System32\advapi32b.exe (file missing)
O23 - Service: Network DDE DSDM NetDDEdsdmMessengerSSDPSRV (NetDDEdsdmMessengerSSDPSRV) - Unknown owner - D:\WINDOWS\System32\activedsph.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: NVIDIA Display Driver Service NVSvcMSIServer (NVSvcMSIServer) - Unknown owner - D:\WINDOWS\System32\1031p.exe (file missing)
O23 - Service: Office Source Engine oseose (oseose) - Unknown owner - D:\WINDOWS\System32\147657854r.exe (file missing)
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - D:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Chipkort SCardSvrose (SCardSvrose) - Unknown owner - D:\WINDOWS\System32\activedsp.exe (file missing)
O23 - Service: Firewall til Internetforbindelse / Deling af Internetforbindelse SharedAccesswinmgmt (SharedAccesswinmgmt) - Unknown owner - D:\WINDOWS\System32\1033d.exe (file missing)
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - D:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe

Synes godt om

fromsej Praktikant

28. december 2007 - 17:04 #14

Klik på Start->Kør skriv Services.msc og klik OK.
Find nedenstående >>Tjenester<< stop dem hvis de kører, højreklik på dem, klik på Egenskaber og vælg Starttype Deaktiveret.
Det skal du gøre enkeltvis.

>>
Gatewaytjeneste til programlaget ALGuploadmgr
Hændelseslog EventlogNla (EventlogNla)
COM-tjenesten IMAPI cd-skrivning ImapiServiceALG (ImapiServiceALG)
Messenger MessengerSSDPSRV (MessengerSSDPSRV)
Network DDE DSDM NetDDEdsdmMessengerSSDPSRV (NetDDEdsdmMessengerSSDPSRV)
NVIDIA Display Driver Service NVSvcMSIServer (NVSvcMSIServer)
Office Source Engine oseose (oseose)
Chipkort SCardSvrose (SCardSvrose)
Firewall til Internetforbindelse / Deling af Internetforbindelse SharedAccesswinmgmt (SharedAccesswinmgmt)
<<

-- Hent Avenger her:
http://swandog46.geekstogo.com/avenger.zip

-- Pak Avenger-programmet ud og dobbeltklik på avenger.exe

-- Sæt en prik i "Input Script Manually" og klik på Luppen - nu dukker der et lille vindue op, hvor du skal kopiere HELE indholdet mellem ~~~ linierne ind:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Files to delete:
D:\WINDOWS\System32\ntos.exe
D:\WINDOWS\taskmon.exe
D:\WINDOWS\medichi.exe
D:\WINDOWS\medichi2.exe
D:\WINDOWS\murka.dat
"D:\Documents and Settings\All Users\Dokumenter\Settings\bot.dll"
D:\WINDOWS\System32\a3dj.exe
D:\WINDOWS\System32\advpackf.exe
D:\WINDOWS\System32\1031l.exe
D:\WINDOWS\System32\advapi32b.exe
D:\WINDOWS\System32\activedsph.exe
D:\WINDOWS\System32\1031p.exe
D:\WINDOWS\System32\147657854r.exe
D:\WINDOWS\System32\activedsp.exe
D:\WINDOWS\System32\1033d.exe
Folders to delete:
D:\Programmer\ClickOff
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-- Klik på Trafiklyset i Avenger. Programmet vil opfordre dig til at genstarte computeren straks, hvilket du skal gøre. Programmet vil lukke din computer, slette filerne og starte computeren igen.

-- Efter genstarten vil der dukke et notepad-vindue op, med en log for Avengers handlinger. Den må du gerne lægge ind i dit næste svar.

-- Kør Hijackthis, vælg "Do a system scan only", sæt flueben ved linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked.

F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,D:\WINDOWS\System32\ntos.exe,
O4 - HKLM\..\Run: [taskmon] D:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [Medichi] medichi.exe
O4 - HKLM\..\Run: [Medichi2] medichi2.exe
O4 - Startup: ClickOff.lnk = D:\Programmer\ClickOff\Clickoff.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O20 - AppInit_DLLs: murka.dat
O20 - Winlogon Notify: botreg - D:\Documents and Settings\All Users\Dokumenter\Settings\bot.dll (file missing)

Genstart computeren, og lav en ny log med Hijackthis, som du lægger herind sammen med loggen fra Avenger.
Se om Combofix vil nu, hvis ikke så prøv fra fejlsikret, det er vores bedste chance.

Synes godt om

djgreg Nybegynder

28. december 2007 - 21:33 #15

Okay, altså. Da jeg havde kørt avenger trykkede jeg på X'et, og troede den automatisk ville spåørge mig om jeg ville gemme, men det gjorde den ikke. Derfor kørte jeg den igen og gemte den log. Jeg ved ikk om det hjælper, og HJT loggen er der også. De 2 07'er kunne jeg ikke finde.

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\ykpumuaf

*******************

Script file located at: \??\D:\WINDOWS\System32\havvakou.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at D:\Avenger

*******************

Beginning to process script file:

File D:\WINDOWS\System32\ntos.exe not found!
Deletion of file D:\WINDOWS\System32\ntos.exe failed!

Could not process line:
D:\WINDOWS\System32\ntos.exe
Status: 0xc0000034

File D:\WINDOWS\taskmon.exe not found!
Deletion of file D:\WINDOWS\taskmon.exe failed!

Could not process line:
D:\WINDOWS\taskmon.exe
Status: 0xc0000034

File D:\WINDOWS\medichi.exe deleted successfully.
File D:\WINDOWS\medichi2.exe deleted successfully.
File D:\WINDOWS\murka.dat deleted successfully.

File D:\Documents and Settings\All Users\Dokumenter\Settings\bot.dll not found!
Deletion of file D:\Documents and Settings\All Users\Dokumenter\Settings\bot.dll failed!

Could not process line:
D:\Documents and Settings\All Users\Dokumenter\Settings\bot.dll
Status: 0xc0000034

File D:\WINDOWS\System32\a3dj.exe not found!
Deletion of file D:\WINDOWS\System32\a3dj.exe failed!

Could not process line:
D:\WINDOWS\System32\a3dj.exe
Status: 0xc0000034

File D:\WINDOWS\System32\advpackf.exe not found!
Deletion of file D:\WINDOWS\System32\advpackf.exe failed!

Could not process line:
D:\WINDOWS\System32\advpackf.exe
Status: 0xc0000034

File D:\WINDOWS\System32\1031l.exe not found!
Deletion of file D:\WINDOWS\System32\1031l.exe failed!

Could not process line:
D:\WINDOWS\System32\1031l.exe
Status: 0xc0000034

File D:\WINDOWS\System32\advapi32b.exe not found!
Deletion of file D:\WINDOWS\System32\advapi32b.exe failed!

Could not process line:
D:\WINDOWS\System32\advapi32b.exe
Status: 0xc0000034

File D:\WINDOWS\System32\activedsph.exe not found!
Deletion of file D:\WINDOWS\System32\activedsph.exe failed!

Could not process line:
D:\WINDOWS\System32\activedsph.exe
Status: 0xc0000034

File D:\WINDOWS\System32\1031p.exe not found!
Deletion of file D:\WINDOWS\System32\1031p.exe failed!

Could not process line:
D:\WINDOWS\System32\1031p.exe
Status: 0xc0000034

File D:\WINDOWS\System32\147657854r.exe not found!
Deletion of file D:\WINDOWS\System32\147657854r.exe failed!

Could not process line:
D:\WINDOWS\System32\147657854r.exe
Status: 0xc0000034

File D:\WINDOWS\System32\activedsp.exe not found!
Deletion of file D:\WINDOWS\System32\activedsp.exe failed!

Could not process line:
D:\WINDOWS\System32\activedsp.exe
Status: 0xc0000034

File D:\WINDOWS\System32\1033d.exe not found!
Deletion of file D:\WINDOWS\System32\1033d.exe failed!

Could not process line:
D:\WINDOWS\System32\1033d.exe
Status: 0xc0000034

Folder D:\Programmer\ClickOff not found!
Deletion of folder D:\Programmer\ClickOff failed!

Could not process line:
D:\Programmer\ClickOff
Status: 0xc0000034

Completed script processing.

*******************

Finished! Terminate.

---------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 21:33, on 2007-12-28
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Programmer\Antiy Labs\Alive\ALiveCenter.exe
D:\Programmer\iTunes\iTunesHelper.exe
D:\Programmer\QuickTime\qttask.exe
D:\WINDOWS\medichi.exe
D:\WINDOWS\medichi2.exe
D:\WINDOWS\medichi2.exe
D:\Programmer\MSN Messenger\msnmsgr.exe
D:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe
D:\WINDOWS\System32\MsPMSPSv.exe
D:\Programmer\Canon\CAL\CALMAIN.exe
D:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
D:\Programmer\Mozilla Firefox\firefox.exe
D:\Programmer\iPod\bin\iPodService.exe
D:\Programmer\MSN Messenger\usnsvc.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Programmer\Internet Explorer\IEXPLORE.EXE
D:\Programmer\Internet Explorer\IEXPLORE.EXE
D:\André\André\Musik\alternativ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmer\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [kcbtaxcf] D:\mgbdrlta.bat
O4 - HKLM\..\Run: [ysvcvcji] D:\yvyalyqf.bat
O4 - HKCU\..\Run: [msnmsgr] "D:\Programmer\MSN Messenger\msnmsgr.exe" /background
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Add to AMV Convert Tool... - D:\Programmer\MP3 Player Utilities 3.79\AMVConverter\grab.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\Programmer\MP3 Player Utilities 3.79\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Opret Foretrukken på mobil enhed - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Opret Foretrukken på mobil enhed... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: D:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.bgbank.dk/html/activex/BG/Menu.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1133301966077
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: murka.dat
O20 - Winlogon Notify: !SASWinLogon - D:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - D:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Gatewaytjeneste til programlaget (ALG) - Unknown owner - cmd.exe (file missing)
O23 - Service: Antiy live update (Alive Auto-Update Service) - Unknown owner - D:\Programmer\Antiy Labs\Alive\ALiveCenter.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - D:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Programmer\iPod\bin\iPodService.exe
O23 - Service: NetMeeting - Deling af fjernskrivebord mnmsrvcUMWdf (mnmsrvcUMWdf) - Unknown owner - D:\WINDOWS\System32\1037d.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - D:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - D:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe

Synes godt om

djgreg Nybegynder

28. december 2007 - 21:34 #16

Hov, jeg var blind et øjeblik. Nu fandt jeg de de 0 7'ere. Her er en ny log til HJT

Logfile of HijackThis v1.99.1
Scan saved at 21:34, on 2007-12-28
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Programmer\Antiy Labs\Alive\ALiveCenter.exe
D:\Programmer\iTunes\iTunesHelper.exe
D:\Programmer\QuickTime\qttask.exe
D:\WINDOWS\medichi.exe
D:\WINDOWS\medichi2.exe
D:\WINDOWS\medichi2.exe
D:\Programmer\MSN Messenger\msnmsgr.exe
D:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe
D:\WINDOWS\System32\MsPMSPSv.exe
D:\Programmer\Canon\CAL\CALMAIN.exe
D:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
D:\Programmer\Mozilla Firefox\firefox.exe
D:\Programmer\iPod\bin\iPodService.exe
D:\Programmer\MSN Messenger\usnsvc.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Programmer\Internet Explorer\IEXPLORE.EXE
D:\Programmer\Internet Explorer\IEXPLORE.EXE
D:\André\André\Musik\alternativ.exe
D:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmer\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [kcbtaxcf] D:\mgbdrlta.bat
O4 - HKLM\..\Run: [ysvcvcji] D:\yvyalyqf.bat
O4 - HKCU\..\Run: [msnmsgr] "D:\Programmer\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Add to AMV Convert Tool... - D:\Programmer\MP3 Player Utilities 3.79\AMVConverter\grab.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\Programmer\MP3 Player Utilities 3.79\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Opret Foretrukken på mobil enhed - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Opret Foretrukken på mobil enhed... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: D:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.bgbank.dk/html/activex/BG/Menu.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1133301966077
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: murka.dat
O20 - Winlogon Notify: !SASWinLogon - D:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - D:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Gatewaytjeneste til programlaget (ALG) - Unknown owner - cmd.exe (file missing)
O23 - Service: Antiy live update (Alive Auto-Update Service) - Unknown owner - D:\Programmer\Antiy Labs\Alive\ALiveCenter.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - D:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Programmer\iPod\bin\iPodService.exe
O23 - Service: NetMeeting - Deling af fjernskrivebord mnmsrvcUMWdf (mnmsrvcUMWdf) - Unknown owner - D:\WINDOWS\System32\1037d.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - D:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - D:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe

Synes godt om

djgreg Nybegynder

28. december 2007 - 22:10 #17

I øvrigt får jeg regelmæssigt denne meddelelse:

-----------

Windows Security Alert

Warning! Potential Spyware Operation!
Your computer is making unauthorized copies of your system and Internet files. Run full scan now to prevent any unauthorized access to your files! Clich here to download Spyware Remover.

-----------

Jeg har selvfølgelig ikke klikket der.
Internettet har i øvrigt virker fint siden jeg fjernede tingene i HJT

Synes godt om

fromsej Praktikant

28. december 2007 - 22:16 #18

Der kommer bare mere skidt frem.
Prøvede du Combofix, evt. i fejlsikret?

Download http://siri.urz.free.fr/Fix/SmitfraudFix.exe (by S!Ri)
Eller her:
http://72.232.135.12/siri/SmitfraudFix.exe
Til roden af C:drevet

Genstart i fejlsikret tilstand, hvis du ikke ved hvordan så kig her:
http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=23&PN=1

Dobbeltklik på C:\Smitfraud exe. Vælg option #2 - Clean.
Det vil også checke om systemfilen wininet.dll er inficeret. Hvis den er det, vil du blive bedt om tilladelse til at erstatte den med en anden. Her skal du vælge "Yes", ved at taste "y".

Programmet bliver muligvis nødt til at genstarte undervejs. Herefter vil der dukke en liste med resultaterne af rensningen op . den kan findes her - C:\rapport.txt.
Kopiér denne liste ind i tråden sammen med en ny hijackthis log, prøv Combofix en gang til.

+++++++++++++++++++++++++++++++++++
process.exe er af nogen antivirus programmer betegnet "RiskTool".
Det er ikke en infektion, derimod et program til at stoppe system processer.

Synes godt om

djgreg Nybegynder

29. december 2007 - 18:06 #19

Jeg fik combo til at køre ved at køre den direkte fra downloadningskilden. Så nu har jeg alle logs'ne. Computeren føles rigtig god nu. Her kommer logs'ne.

ComboFix 07-12-21.4 - André 2007-12-29 17:15:08.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.1.1252.1.1030.18.186 [GMT 1:00]
Running from: D:\Documents and Settings\André\Lokale indstillinger\Temporary Internet Files\Content.IE5\5GKZXL05\ComboFix[1].exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\_install.exe
D:\Documents and Settings\Andr‚\Application Data\Install.dat
D:\Documents and Settings\André\Application Data\install.dat
D:\Documents and Settings\André\Dokumenter\FNTS~1
D:\Documents and Settings\André\Dokumenter\FNTS~1\F?nts\
D:\Programmer\Fælles filer\PagingSYS.dll
D:\Programmer\inetget2
D:\Programmer\Microsoft Security Adviser
D:\Programmer\Temporary
D:\Programmer\WinAble
D:\WINDOWS\system32\3_exception.nls
D:\WINDOWS\system32\954125041.dll
D:\WINDOWS\system32\config\49897778.Evt
D:\WINDOWS\system32\drivers\secdrv.sys
D:\WINDOWS\system32\drivers\smtpdrv.sys
D:\WINDOWS\system32\drivers\STWB56.sys
D:\WINDOWS\system32\drivers\symavc32.sys
D:\WINDOWS\system32\kernelw.sys
D:\WINDOWS\system32\kernelwind32.exe
D:\WINDOWS\system32\kr_done1
D:\WINDOWS\system32\PagingSYS.sys
D:\WINDOWS\system32\shift.exe.exe
D:\WINDOWS\system32\vx.tll
D:\WINDOWS\system32\wsnpoem
D:\WINDOWS\system32\xpdx.sys
.
---- Previous Run -------
.
D:\Documents and Settings\Andr‚\Application Data\Microsoft\25319.dat
D:\Documents and Settings\Andr‚\temp.tpk
D:\Programmer\Microsoft Security Adviser
D:\Programmer\s2f.exe
D:\WINDOWS\avp.exe
D:\WINDOWS\bayxxx.ini
D:\WINDOWS\bck7.dat
D:\WINDOWS\Casino.ico
D:\WINDOWS\Downloaded Program Files\UDC6K_0001_D19M0509NetInstaller.exe
D:\WINDOWS\Free Online Dating.ico
D:\WINDOWS\kklopo.ini
D:\WINDOWS\msavsc.dll
D:\WINDOWS\msctrl.dll
D:\WINDOWS\msfw.dll
D:\WINDOWS\msiemon.dll
D:\WINDOWS\mssadv.dll
D:\WINDOWS\msscan.dll
D:\WINDOWS\nwan.dat
D:\WINDOWS\opolkk.dll
D:\WINDOWS\spoolzv.exe
D:\WINDOWS\Spyware Remover.ico
D:\WINDOWS\system32\3_exception.nls
D:\WINDOWS\system32\7295978141.dll
D:\WINDOWS\system32\away.exe.exe
D:\WINDOWS\system32\config\49883500.Evt
D:\WINDOWS\system32\dllh8jkd1q1.exe
D:\WINDOWS\system32\dllh8jkd1q2.exe
D:\WINDOWS\system32\dllh8jkd1q5.exe
D:\WINDOWS\system32\dllh8jkd1q6.exe
D:\WINDOWS\system32\dllh8jkd1q7.exe
D:\WINDOWS\system32\dllh8jkd1q8.exe
D:\WINDOWS\system32\drivers\Jwc47.sys
D:\WINDOWS\system32\drivers\symavc32.sys
D:\WINDOWS\system32\KB_963493.exe~
D:\WINDOWS\system32\KB18561603.exe
D:\WINDOWS\system32\KB21542167.exe
D:\WINDOWS\system32\KB66507128.exe
D:\WINDOWS\system32\KB93427757.exe
D:\WINDOWS\system32\KB93736873.exe
D:\WINDOWS\system32\kernelwind32.exe
D:\WINDOWS\system32\kr_done1
D:\WINDOWS\system32\ldpackage.dll
D:\WINDOWS\system32\m1ax1d1213216143v.exe
D:\WINDOWS\system32\max1d11643v.exe
D:\WINDOWS\system32\model.dat
D:\WINDOWS\system32\mstaskmgr.exe
D:\WINDOWS\system32\newmaxxsv234.exe
D:\WINDOWS\system32\noskrnl.sys
D:\WINDOWS\system32\RunOnce2.t__
D:\WINDOWS\system32\silc_dll.dll
D:\WINDOWS\system32\spoolsvv.exe
D:\WINDOWS\system32\spoolzv.sys
D:\WINDOWS\system32\spywarewarning.mht
D:\WINDOWS\system32\svcp.csv
D:\WINDOWS\system32\vedxg3am1et3.exe
D:\WINDOWS\system32\vedxg4am1et2.exe
D:\WINDOWS\system32\vedxg6ame4.exe
D:\WINDOWS\system32\vedxga1me4t1.exe
D:\WINDOWS\system32\vedxga3me2.exe
D:\WINDOWS\system32\vedxga4m1et4.exe
D:\WINDOWS\system32\vedxga4me1.exe
D:\WINDOWS\system32\vedxga5me3.exe
D:\WINDOWS\system32\vedxga8me6.exe
D:\WINDOWS\system32\vx.tll
D:\WINDOWS\system32\windbg___
D:\WINDOWS\system32\winsub.xml
D:\WINDOWS\system32\wmvds32.dll
D:\WINDOWS\system32\wsnpoem
D:\WINDOWS\system32\wsnpoem\audio.dll
D:\WINDOWS\system32\wsnpoem\video.dll
D:\WINDOWS\system32\xpdx.sys
D:\WINDOWS\system32runonce2.t__
D:\WINDOWS\system32runonce2.tm_
D:\WINDOWS\temp\107683925.exe
D:\WINDOWS\temp\1274712429.exe
D:\WINDOWS\temp\1357678677.exe
D:\WINDOWS\temp\1402909559.exe
D:\WINDOWS\temp\1419038757.exe
D:\WINDOWS\temp\1545735495.exe
D:\WINDOWS\temp\1593674485.exe
D:\WINDOWS\temp\1613416791.exe
D:\WINDOWS\temp\1614348887.exe
D:\WINDOWS\temp\1913324498.exe
D:\WINDOWS\temp\1997087655.exe
D:\WINDOWS\temp\203284647.exe
D:\WINDOWS\temp\2106097431.exe
D:\WINDOWS\temp\2209975931.exe
D:\WINDOWS\temp\2343220533.exe
D:\WINDOWS\temp\2472797357.exe
D:\WINDOWS\temp\2544509815.exe
D:\WINDOWS\temp\2592363159.exe
D:\WINDOWS\temp\2991035003.exe
D:\WINDOWS\temp\3255036051.exe
D:\WINDOWS\temp\330652653.exe
D:\WINDOWS\temp\3432585955.exe
D:\WINDOWS\temp\3472906107.exe
D:\WINDOWS\temp\3481073573.exe
D:\WINDOWS\temp\3860734021.exe
D:\WINDOWS\temp\4146485563.exe
D:\WINDOWS\temp\447634647.exe
D:\WINDOWS\temp\465744461.exe
D:\WINDOWS\temp\520205651.exe
D:\WINDOWS\temp\888171909.exe
D:\WINDOWS\temp\909547453.exe
D:\WINDOWS\temp\90995666.exe
D:\WINDOWS\xxxyab.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_ASC3550P
-------\LEGACY_DRIVER
-------\LEGACY_FCI
-------\LEGACY_KDI33
-------\LEGACY_NTIO256
-------\LEGACY_POOF
-------\LEGACY_RUNTIME
-------\Driver
-------\FCI
-------\kprof
-------\ntio256
-------\poof
-------\SysLibrary

-------\LEGACY_ASC3550F
-------\LEGACY_ASC3550P
-------\asc3550f
-------\asc3550p
-------\Kdi33
-------\SysLibrary

-------\LEGACY_PAGINGSYS
-------\asc3550f

-------\LEGACY_ASC3550P
-------\LEGACY_DRIVER
-------\LEGACY_NDISWON
-------\LEGACY_PAGINGSYS
-------\LEGACY_RUNTIME
-------\LEGACY_SMTPDRV
-------\LEGACY_STWB56
-------\asc3550f
-------\asc3550p
-------\NdisWon
-------\smtpdrv

((((((((((((((((((((((((( Files Created from 2007-11-28 to 2007-12-29 )))))))))))))))))))))))))))))))
.

2007-12-29 17:22 . 2007-12-29 17:22 0 --a------ D:\WINDOWS\system32\0_exception.nls
2007-12-27 20:01 . 2007-12-27 20:01 142,848 --a------ D:\WINDOWS\system32\drivers\Amlk65.sys
2007-12-27 20:01 . 2007-12-27 20:01 16,384 --a------ D:\WINDOWS\system32\users32.dat
2007-12-27 11:20 . 2007-12-27 11:20 142,848 --a------ D:\WINDOWS\system32\drivers\Dwq67.sys
2007-12-27 11:19 . 2007-12-28 21:22 9,216 --a------ D:\WINDOWS\medichi2.exe
2007-12-27 11:19 . 2007-12-29 17:20 6,144 --a------ D:\WINDOWS\murka.dat
2007-12-27 11:19 . 2007-12-28 21:22 4,608 --a------ D:\WINDOWS\medichi.exe
2007-12-27 11:16 . 2007-12-27 11:16 142,848 --a------ D:\WINDOWS\system32\drivers\Snub48.sys
2007-12-26 18:16 . 2007-12-26 18:16 142,848 --a------ D:\WINDOWS\system32\drivers\Ojc29.sys
2007-12-26 18:12 . 2007-12-29 09:05 21,760 --a------ D:\WINDOWS\Lor03.sys
2007-12-26 14:58 . 2007-12-26 14:58 <DIR> d-------- D:\Programmer\CCleaner
2007-12-26 14:33 . 2007-12-26 14:33 142,848 --a------ D:\WINDOWS\system32\drivers\Njes50.sys
2007-12-26 14:26 . 2007-12-26 14:26 142,848 --a------ D:\WINDOWS\system32\drivers\Fifw62.sys
2007-12-26 11:17 . 2007-12-27 15:27 16 --a------ D:\WINDOWS\system32\dllgh8jkd1q8.exe
2007-12-26 11:16 . 2007-12-26 11:16 142,848 --a------ D:\WINDOWS\system32\drivers\Hbk36.sys
2007-12-26 10:07 . 2007-12-26 10:07 142,848 --a------ D:\WINDOWS\system32\drivers\Blyh73.sys
2007-12-26 10:04 . 2007-12-28 21:01 13,760 --a------ D:\WINDOWS\system32\taskmon.sys
2007-12-26 09:58 . 2007-12-26 09:58 21,760 --a------ D:\WINDOWS\system32\drivers\Lor03.sys
2007-12-26 09:57 . 2007-12-26 09:57 142,848 --a------ D:\WINDOWS\system32\drivers\Qvn50.sys
2007-12-26 09:57 . 2007-12-26 09:57 129,664 --a------ D:\WINDOWS\system32\init_7a0e-6aff.sys
2007-12-26 09:57 . 2007-12-27 11:21 23,806 --a------ D:\WINDOWS\system32\init_sys.config
2007-12-25 19:17 . 2007-12-27 20:02 177 --a------ D:\WINDOWS\system32\winupdate.dat
2007-12-25 18:34 . 2007-12-26 17:32 517,120 --a--c--- D:\WINDOWS\system32\dllcache\winlogon.exe
2007-12-25 18:32 . 2007-12-25 18:32 53,248 --a------ D:\WINDOWS\system32\mstscex.dll
2007-12-25 18:32 . 2007-12-26 10:07 39,936 --a------ D:\WINDOWS\mrofinu27.exe.tmp
2007-12-25 18:32 . 2007-12-25 18:32 35,702 --a------ D:\WINDOWS\system32\dllgh8jkd1q2.exe
2007-12-25 18:32 . 2007-12-25 18:32 18,294 --a------ D:\WINDOWS\system32\dllgh8jkd1q7.exe
2007-12-25 18:32 . 2007-12-25 18:32 17,782 --a------ D:\WINDOWS\system32\dllgh8jkd1q6.exe
2007-12-25 18:32 . 2007-12-25 18:32 16,758 --a------ D:\WINDOWS\system32\dllgh8jkd1q5.exe
2007-12-25 18:32 . 2007-12-25 18:32 11,638 --a------ D:\WINDOWS\system32\dllgh8jkd1q1.exe
2007-12-25 17:49 . 2007-12-27 15:28 54,156 --ah----- D:\WINDOWS\QTFont.qfn
2007-12-25 17:49 . 2007-12-25 17:49 1,409 --a------ D:\WINDOWS\QTFont.for
2007-12-25 10:15 . 2007-12-25 10:20 29,184 --a------ D:\WINDOWS\system32\slx.exe???????????????????5
2007-12-25 10:15 . 2007-12-25 10:20 29,184 --a------ D:\WINDOWS\system32\slx.exe???????????????????4
2007-12-25 10:11 . 2007-12-25 10:20 29,184 --a------ D:\WINDOWS\system32\slx.exe???????????????????3
2007-12-25 10:11 . 2007-12-25 10:20 29,184 --a------ D:\WINDOWS\system32\slx.exe???????????????????2
2007-12-08 14:56 . 2002-12-12 00:14 1,798,144 --a------ D:\WINDOWS\system32\qedit.dll
2007-12-08 14:56 . 2002-12-12 00:14 1,798,144 --a--c--- D:\WINDOWS\system32\dllcache\qedit.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-28 09:50 --------- d-----w D:\Programmer\SUPERAntiSpyware
2007-12-27 19:02 37,888 ----a-w D:\WINDOWS\system32\drivers\beep.sys
2007-12-27 11:17 --------- d-----w D:\Programmer\BearShare
2007-12-27 10:19 --------- d-----w D:\Programmer\QuickTime
2007-12-27 10:19 --------- d-----w D:\Programmer\MSN Messenger
2007-12-27 10:19 --------- d-----w D:\Programmer\iTunes
2007-12-08 14:02 --------- d-----w D:\Programmer\EA SPORTS
2007-11-01 21:27 --------- d-----w D:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-11-01 21:25 --------- d-----w D:\Programmer\Fælles filer\Wise Installation Wizard
2007-10-28 13:05 355,072 ----a-w D:\WINDOWS\system32\drivers\tcpip.sys
2007-10-28 07:28 12,800 ----a-w D:\WINDOWS\system32\svchost.exe
2007-10-27 16:12 109,231 ----a-w D:\WINDOWS\system32\_install.exe
2007-10-27 16:12 109,231 ----a-w D:\WINDOWS\PCHEALTH\UploadLB\Binaries\_install.exe
2007-10-27 16:12 109,231 ----a-w D:\WINDOWS\PCHEALTH\HELPCTR\Binaries\_install.exe
2007-10-27 16:12 109,231 ----a-w D:\WINDOWS\inf\_install.exe
2007-10-27 16:12 109,231 ----a-w D:\WINDOWS\Help\Tours\mmTour\_install.exe
2007-10-27 16:12 109,231 ----a-w D:\WINDOWS\_install.exe
2007-10-27 16:12 109,231 ----a-w D:\Programmer\_install.exe
2004-07-29 20:38 93,386 -c--a-w D:\Programmer\filelist.txt
2003-10-08 01:00 614,456 -c--a-w D:\Programmer\00000001.016
2003-10-08 01:00 614,456 -c--a-w D:\Programmer\00000000.016
2003-10-08 01:00 41,472 -c--a-w D:\Programmer\DrvMgt.dll
2003-10-08 01:00 12,528 -c--a-w D:\Programmer\SECDRV.SYS
2003-10-08 01:00 1,228,856 -c--a-w D:\Programmer\00000001.256
2003-10-08 01:00 1,228,856 -c--a-w D:\Programmer\00000000.256
2003-10-07 19:03 14,775 -c--a-w D:\Programmer\config.dat
2003-10-03 02:59 23,558 -c--a-w D:\Programmer\fifapc.ico
2001-11-23 04:08 712,704 -c--a-w D:\WINDOWS\inf\OTHER\AUDIO3D.DLL
2007-05-15 11:35 31,552 --sh--r D:\WINDOWS\system32\1037d.exe
2007-07-03 21:16 56 --sh--r D:\WINDOWS\system32\F4AE630A3B.sys
2007-06-21 16:43 37 --sha-w D:\WINDOWS\system32\index.dat
2007-07-03 21:16 3,350 --sha-w D:\WINDOWS\system32\KGyGaAvL.sys
.
D:\WINDOWS\system32\drivers\tcpip.sys ... is infected !! (additional data below)
327,168 2001-10-09 12:00:00 D:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
332,928 2002-08-28 23:58:12 D:\WINDOWS\ServicePackFiles\i386\tcpip.sys
355,072 2007-10-28 13:05:36 D:\WINDOWS\system32\drivers\tcpip.sys

-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w 503,808 2003-09-07 18:41:26 D:\Programmer\Creative\Mouse Optical\bak\mouse_2k.exe
----a-w 0 2003-06-05 15:18:26 D:\Programmer\Creative\Mouse Optical\mouse_2k.exe

----a-w 109,231 2007-10-27 16:12:21 D:\Programmer\Creative\Mouse Optical\bak\_install.exe
----a-w 109,231 2007-10-27 16:12:21 D:\Programmer\Creative\Mouse Optical\_install.exe

------w 0 1601-01-01 00:00:00 D:\Programmer\Fµlles filer\Ahead\Lib\bak\

----a-w 256,576 2006-10-30 08:36:36 D:\Programmer\iTunes\bak\iTunesHelper.exe
----a-w 256,576 2007-12-27 10:16:32 D:\Programmer\iTunes\ituneshelper.exe

----a-w 109,231 2007-10-27 16:12:21 D:\Programmer\iTunes\bak\_install.exe
----a-w 109,231 2007-10-27 16:12:21 D:\Programmer\iTunes\_install.exe

----a-w 49,263 2006-11-09 14:07:30 D:\Programmer\Java\jre1.5.0_10\bin\bak\jusched.exe

----a-w 109,231 2007-10-27 16:12:21 D:\Programmer\Java\jre1.5.0_10\bin\bak\_install.exe
----a-w 109,231 2007-10-27 16:12:21 D:\Programmer\Java\jre1.5.0_10\bin\_install.exe

----a-w 401,491 2004-02-24 13:07:58 D:\Programmer\Microsoft ActiveSync\bak\WCESCOMM.EXE
----a-w 0 2003-06-05 15:18:29 D:\Programmer\Microsoft ActiveSync\WCESCOMM.EXE

----a-w 282,624 2006-10-25 17:58:18 D:\Programmer\QuickTime\bak\qttask.exe
----a-w 282,624 2007-12-27 10:16:32 D:\Programmer\QuickTime\qttask.exe

----a-w 109,231 2007-10-27 16:12:21 D:\Programmer\QuickTime\bak\_install.exe
----a-w 109,231 2007-10-27 16:12:21 D:\Programmer\QuickTime\_install.exe

----a-w 327,680 2002-07-18 15:12:50 D:\Programmer\Trend Micro\PC-cillin 2002\bak\PCCClient.exe

----a-w 258,048 2002-07-18 15:18:42 D:\Programmer\Trend Micro\PC-cillin 2002\bak\pccguide.exe

----a-w 307,266 2002-07-18 15:15:32 D:\Programmer\Trend Micro\PC-cillin 2002\bak\Pop3trap.exe

----a-w 109,231 2007-10-27 16:12:21 D:\Programmer\Trend Micro\PC-cillin 2002\bak\_install.exe
----a-w 109,231 2007-10-27 16:12:21 D:\Programmer\Trend Micro\PC-cillin 2002\_install.exe

----a-w 106,496 2002-07-12 10:15:12 D:\WINDOWS\bak\SiSUSBrg.exe

----a-w 109,231 2007-10-27 16:12:21 D:\WINDOWS\bak\_install.exe
----a-w 109,231 2007-10-27 16:12:21 D:\WINDOWS\_install.exe

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="D:\Programmer\MSN Messenger\msnmsgr.exe" [2007-12-27 11:16]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2001-10-09 13:00 D:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2005-08-02 15:35 D:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2001-10-09 13:00 D:\WINDOWS\system32\rundll32.exe]
"iTunesHelper"="D:\Programmer\iTunes\iTunesHelper.exe" [2007-12-27 11:16]
"QuickTime Task"="D:\Programmer\QuickTime\qttask.exe" [2007-12-27 11:16]
"kcbtaxcf"="D:\mgbdrlta.bat" []
"ysvcvcji"="D:\yvyalyqf.bat" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\System32\CTFMON.EXE" [2002-09-09 13:13]
"Ordbogen.com"="D:\Programmer\CoolSystems\ordbogen.com\ordbogen.exe" [2007-08-17 13:19]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 1 (0x1)
"DisableTaskMgr"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 1 (0x1)
"DisableTaskMgr"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoControlPanel"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoControlPanel"= 1 (0x1)
"NoWindowsUpdate"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= D:\Programmer\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
D:\Programmer\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 D:\Programmer\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lor03.sys]
@="Driver"

R0 Lor03;Lor03;D:\WINDOWS\System32\Drivers\Lor03.sys [2007-12-26 09:58]
R2 PCC_PFW;PC-Cillin Personal Firewall;D:\WINDOWS\System32\Drivers\PCC_PFW.sys [2002-07-18 16:11]
S2 init_7a0e-6aff;init_7a0e-6aff;D:\WINDOWS\System32\init_7a0e-6aff.sys [2007-12-26 09:57]
S3 AntiyFirewall;AntiyFirewall;D:\WINDOWS\System32\drivers\AntiyFW.sys [2005-10-12 17:27]
S3 taskmon.sys;taskmon.sys;D:\WINDOWS\System32\taskmon.sys [2007-12-28 21:01]

.
Contents of the 'Scheduled Tasks' folder
"2007-12-19 13:13:07 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- D:\Programmer\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-29 17:23:04
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

D:\WINDOWS\medichi.exe [2420] 0x81CFEBC8
D:\WINDOWS\medichi2.exe [2456] 0x81DBF9E8
scanning hidden autostart entries ...

scanning hidden files ...

D:\WINDOWS\system32\bldy.config 56390 bytes
D:\WINDOWS\system32\bldy332e-15e.sys 129664 bytes executable

scan completed successfully
hidden files: 2

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\bldy332e-15e]
"ImagePath"="\??\D:\WINDOWS\System32\bldy332e-15e.sys"
.
Completion time: 2007-12-29 17:28:00 - machine was rebooted [Andr‚]

----------------------------------------------------

SmitFraudFix v2.274

Scan done at 17:50:20.42, 29-12-2007
Run from C:\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix.exe by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{9721E5A9-F71E-4EC0-9716-2D6E45DB2400}: DhcpNameServer=193.162.153.164 194.239.134.83
HKLM\SYSTEM\CS1\Services\Tcpip\..\{9721E5A9-F71E-4EC0-9716-2D6E45DB2400}: DhcpNameServer=193.162.153.164 194.239.134.83
HKLM\SYSTEM\CS2\Services\Tcpip\..\{9721E5A9-F71E-4EC0-9716-2D6E45DB2400}: DhcpNameServer=193.162.153.164 194.239.134.83
HKLM\SYSTEM\CS3\Services\Tcpip\..\{9721E5A9-F71E-4EC0-9716-2D6E45DB2400}: DhcpNameServer=193.162.153.164 194.239.134.83
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=193.162.153.164 194.239.134.83
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=193.162.153.164 194.239.134.83
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=193.162.153.164 194.239.134.83
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=193.162.153.164 194.239.134.83

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

-----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 18:06:47, on 29-12-2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programmer\Antiy Labs\Alive\ALiveCenter.exe
D:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe
D:\WINDOWS\System32\MsPMSPSv.exe
D:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
D:\Programmer\Canon\CAL\CALMAIN.exe
D:\Programmer\Internet Explorer\IEXPLORE.EXE
D:\WINDOWS\Explorer.EXE
D:\Programmer\iTunes\iTunesHelper.exe
D:\Programmer\QuickTime\qttask.exe
D:\Programmer\MSN Messenger\msnmsgr.exe
D:\Programmer\iPod\bin\iPodService.exe
D:\Programmer\MSN Messenger\usnsvc.exe
D:\Programmer\Internet Explorer\IEXPLORE.EXE
D:\WINDOWS\system32\NOTEPAD.EXE
D:\André\André\Musik\alternativ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dr.dk/sporten
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmer\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [kcbtaxcf] D:\mgbdrlta.bat
O4 - HKLM\..\Run: [ysvcvcji] D:\yvyalyqf.bat
O4 - HKCU\..\Run: [msnmsgr] "D:\Programmer\MSN Messenger\msnmsgr.exe" /background
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Add to AMV Convert Tool... - D:\Programmer\MP3 Player Utilities 3.79\AMVConverter\grab.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\Programmer\MP3 Player Utilities 3.79\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Opret Foretrukken på mobil enhed - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Opret Foretrukken på mobil enhed... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: D:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.bgbank.dk/html/activex/BG/Menu.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1133301966077
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: murka.dat
O20 - Winlogon Notify: !SASWinLogon - D:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - D:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Gatewaytjeneste til programlaget (ALG) - Unknown owner - cmd.exe (file missing)
O23 - Service: Antiy live update (Alive Auto-Update Service) - Unknown owner - D:\Programmer\Antiy Labs\Alive\ALiveCenter.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - D:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Programmer\iPod\bin\iPodService.exe
O23 - Service: NetMeeting - Deling af fjernskrivebord mnmsrvcUMWdf (mnmsrvcUMWdf) - Unknown owner - D:\WINDOWS\System32\1037d.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - D:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - D:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe

Synes godt om

fromsej Praktikant

29. december 2007 - 18:44 #20

Hold da kæft, jeg har aldrig set noget lignende.
Lad os se om vi kan få pelset resten.
Det kommer til at tage lidt tid, inden jeg har fået alt det gennemgået.

Synes godt om

djgreg Nybegynder

29. december 2007 - 19:09 #21

Ja, den var rigtig god i 10 min., og så gik den lidt tilbage det den dårlige stil igen.

Synes godt om

fromsej Praktikant

29. december 2007 - 19:20 #22

-- Hent Avenger her:
http://swandog46.geekstogo.com/avenger.zip

-- Pak Avenger-programmet ud og dobbeltklik på avenger.exe

-- Sæt en prik i "Input Script Manually" og klik på Luppen - nu dukker der et lille vindue op, hvor du skal kopiere HELE indholdet mellem ~~~~~~ ind:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Files to delete:
D:\WINDOWS\system32\0_exception.nls
D:\WINDOWS\system32\drivers\Amlk65.sys
D:\WINDOWS\system32\users32.dat
D:\WINDOWS\system32\drivers\Dwq67.sys
D:\WINDOWS\medichi2.exe
D:\WINDOWS\murka.dat
D:\WINDOWS\medichi.exe
D:\WINDOWS\system32\drivers\Snub48.sys
D:\WINDOWS\system32\drivers\Ojc29.sys
D:\WINDOWS\Lor03.sys
D:\WINDOWS\system32\drivers\Njes50.sys
D:\WINDOWS\system32\drivers\Fifw62.sys
D:\WINDOWS\system32\dllgh8jkd1q8.exe
D:\WINDOWS\system32\drivers\Hbk36.sys
D:\WINDOWS\system32\drivers\Blyh73.sys
D:\WINDOWS\system32\taskmon.sys
D:\WINDOWS\system32\drivers\Lor03.sys
D:\WINDOWS\system32\drivers\Qvn50.sys
D:\WINDOWS\system32\init_7a0e-6aff.sys
D:\WINDOWS\system32\init_sys.config
D:\WINDOWS\system32\winupdate.dat
D:\WINDOWS\system32\mstscex.dll
D:\WINDOWS\mrofinu27.exe.tmp
D:\WINDOWS\system32\dllgh8jkd1q2.exe
D:\WINDOWS\system32\dllgh8jkd1q7.exe
D:\WINDOWS\system32\dllgh8jkd1q6.exe
D:\WINDOWS\system32\dllgh8jkd1q5.exe
D:\WINDOWS\system32\dllgh8jkd1q1.exe
D:\WINDOWS\QTFont.qfn
D:\WINDOWS\QTFont.for
D:\WINDOWS\system32\slx.exe???????????????????5
D:\WINDOWS\system32\slx.exe???????????????????4
D:\WINDOWS\system32\slx.exe???????????????????3
D:\WINDOWS\system32\slx.exe???????????????????2
D:\WINDOWS\system32\_install.exe
D:\WINDOWS\PCHEALTH\UploadLB\Binaries\_install.exe
D:\WINDOWS\PCHEALTH\HELPCTR\Binaries\_install.exe
D:\WINDOWS\inf\_install.exe
D:\WINDOWS\Help\Tours\mmTour\_install.exe
D:\WINDOWS\_install.exe
D:\Programmer\_install.exe
D:\Programmer\00000001.016
D:\Programmer\00000000.016
D:\Programmer\00000001.256
D:\Programmer\00000000.256
D:\WINDOWS\system32\1037d.exe
D:\WINDOWS\system32\drivers\tcpip.sys
"D:\Programmer\Creative\Mouse Optical\bak\_install.exe"
"D:\Programmer\Creative\Mouse Optical\_install.exe"
D:\Programmer\iTunes\bak\_install.exe
D:\Programmer\iTunes\_install.exe
D:\Programmer\QuickTime\bak\_install.exe
D:\Programmer\QuickTime\_install.exe
"D:\Programmer\Trend Micro\PC-cillin 2002\bak\_install.exe"
"D:\Programmer\Trend Micro\PC-cillin 2002\_install.exe"
D:\WINDOWS\bak\_install.exe
D:\WINDOWS\_install.exe
D:\mgbdrlta.bat
D:\yvyalyqf.bat

Folders to delete:
D:\Programmer\BearShare

drivers to unload:
Amlk65
Dwq67
Snub48
Ojc29
Lor03
Njes50
Fifw62
Hbk36
Blyh73
taskmon
Qvn50.sys
init_7a0e-6aff

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-- Klik på Trafiklyset i Avenger. Programmet vil opfordre dig til at genstarte computeren straks, hvilket du skal gøre. Programmet vil lukke din computer, slette filerne og starte computeren igen.

-- Efter genstarten vil der dukke et notepad-vindue op, med en log for Avengers handlinger. Den må du gerne lægge ind i dit næste svar.

VIGTIGT!!!!!!
Åbn Stifinder, klik på Funktioner=>Mappeindstillinger=>Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".
Find så denne fil:
D:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
Kopier den ind i denne mappe:
D:\WINDOWS\system32\drivers\

-- Kør Hijackthis, vælg "Do a system scan only", sæt flueben ved linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked.

O4 - HKLM\..\Run: [kcbtaxcf] D:\mgbdrlta.bat
O4 - HKLM\..\Run: [ysvcvcji] D:\yvyalyqf.bat
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O20 - AppInit_DLLs: murka.dat

Genstart computeren, og lav en ny log med Hijackthis, som du lægger herind sammen med loggen fra Avenger.

Se om Combofix vil køre rigtigt når alt det l.rt er slettet.

Synes godt om

fromsej Praktikant

29. december 2007 - 19:21 #23

Bid mærke i VIGTIGT i mit forrige indlæg, ellers kommer du ikke på nettet efterfølgende.

Synes godt om

djgreg Nybegynder

29. december 2007 - 20:15 #24

Okay, det kunne min computer bestemt ikke lide. Jeg sidder nu og skriver fra min brors computer. Jeg nåede til at computeren skulle genstarte fra avenger.

Når jeg nu logger på, så dukker der 3 vinduer op.

Nr. 1:

Navn: Registreringseditor

Tekst: Administratoren har fjernet muligheden for at redigere registreringsdatabasen.

Muligheder: OK/X. Uanset hvor man klikker genstarter computeren.

Nr. 2:

Det er sådan et sort vindue der også bliver brugt i combofix.

Navn: cmd.exe

Tekst:

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

D:\Documents and settings\André>

I dette vindue kan man åbenbart selv skrive noget og udføre nogle kommandoer, jeg har dog ikke turde gøre noget.

Nr. 3

Det er også et sort vindue lignende det i combofix.

Navn: D:\windows\system32\cmd.exe

Tekst:

Der er 7 linjers tekst.
Alle linjer starter med: D:\Documents and settings\André

I dette vindue kan man ikke selv skrive noget.

----

Hvis man går ud af begge de sorte vinduer genstarter computeren også. Det ser sort ud...

Synes godt om

fromsej Praktikant

29. december 2007 - 20:30 #25

Det frygtede jeg lidt ville ske.
Med alt det møg der er på maskinen var det næsten dødfødt fra starten.
Prøv om du kan starte op i fejlsikret.
Hvis du kan så start Hijackthis op og fix disse to linier:
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
Genstart, se om den så vil fuldføre.

Synes godt om

djgreg Nybegynder

29. december 2007 - 22:40 #26

Nej, der sker præcist det samme i fejlsikret tilstand. :s

Synes godt om

djgreg Nybegynder

29. december 2007 - 22:41 #27

Og idet at jeg skrev det åbnede jeg den i normal tilstand og kom faktisk ind på computeren. Prøver at fortsætte med hvad du sagde

Synes godt om

djgreg Nybegynder

29. december 2007 - 23:26 #28

Avenger og Combofix gav ingen log, selvom jeg fik dem kørt. Jeg har lavet en ny en til hijackthis. De 2 07'ere og 20'eren lader til at komme tilbage. Der kommer også et skilt op om back-up når man vil fjerne dem.

Skal jeg prøve at køre Avenger igen?

Her er HJT, har lige fjernet 07'erne og 20 igen.

Logfile of HijackThis v1.99.1
Scan saved at 23:25, on 2007-12-29
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programmer\Antiy Labs\Alive\ALiveCenter.exe
D:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\svchost.exe
D:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe
D:\WINDOWS\System32\MsPMSPSv.exe
D:\Programmer\Canon\CAL\CALMAIN.exe
D:\Programmer\iTunes\iTunesHelper.exe
D:\Programmer\QuickTime\qttask.exe
D:\Programmer\MSN Messenger\msnmsgr.exe
D:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
D:\Programmer\iPod\bin\iPodService.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Programmer\Internet Explorer\IEXPLORE.EXE
D:\Programmer\Internet Explorer\IEXPLORE.EXE
D:\André\André\Musik\alternativ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmer\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [bnmplugs] D:\laagkenx.bat
O4 - HKCU\..\Run: [msnmsgr] "D:\Programmer\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Add to AMV Convert Tool... - D:\Programmer\MP3 Player Utilities 3.79\AMVConverter\grab.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\Programmer\MP3 Player Utilities 3.79\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Opret Foretrukken på mobil enhed - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Opret Foretrukken på mobil enhed... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: D:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.bgbank.dk/html/activex/BG/Menu.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1133301966077
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9721E5A9-F71E-4EC0-9716-2D6E45DB2400}: NameServer = 202.64.222.30
O17 - HKLM\System\CCS\Services\Tcpip\..\{B9F22EF0-C082-4806-BD72-87329AB09547}: NameServer = 202.64.222.30
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - D:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Gatewaytjeneste til programlaget (ALG) - Unknown owner - cmd.exe (file missing)
O23 - Service: Antiy live update (Alive Auto-Update Service) - Unknown owner - D:\Programmer\Antiy Labs\Alive\ALiveCenter.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - D:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Programmer\iPod\bin\iPodService.exe
O23 - Service: NetMeeting - Deling af fjernskrivebord mnmsrvcUMWdf (mnmsrvcUMWdf) - Unknown owner - D:\WINDOWS\System32\1037d.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - D:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - D:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe

Synes godt om

fromsej Praktikant

30. december 2007 - 09:54 #29

Hent og kør dette lille program:
http://noahdfear.geekstogo.com/FindAWF.exe
Programmet laver en log, som du skal kopiere herind.

Synes godt om

djgreg Nybegynder

30. december 2007 - 22:35 #30

Hvilken af de 4 muligheder skal jeg vælge? Har prøvet alle 4, men tør ikke gå så langt, og kan heller ikke komme så langt i de fleste.

Synes godt om

fromsej Praktikant

30. december 2007 - 23:03 #31

Dobbeltklik på FindAWF.exe
Skriv 1. Så kører scanningen

Det vil tage lidt tid for at fuldføre scanningen.
Når scanningen er færdig åbner notesblok med en txt fil der hedder AWF.txt som bliver gemt på skrivebordet

Send AWF.txt loggen herind i dit næste svar

Synes godt om

djgreg Nybegynder

30. december 2007 - 23:21 #32

Når jeg kører den siger den bare "forkert kommando eller filnavn".

Synes godt om

fromsej Praktikant

31. december 2007 - 10:29 #33

Prøv lige at finde c:\windows\repair\autoexec.nt, kopier den over i C:\windows\system32, så burde det køre.

Hvis det ikke gør tricket, så er der kun formatering og nyinstallation tilbage, men det var også dødfødt fra starten.
Som jeg allerede skrev i mit første indlæg: 26/12-2007 10:29:51

Synes godt om

djgreg Nybegynder

31. december 2007 - 12:05 #34

Find AWF report by noahdfear ©2006
Version 1.40

bak folders found
~~~~~~~~~~~

Disken i drev C har ikke noget navn.
Diskens serienummer er 08CD-147E

Indhold af C:\PROGRA~1\MSNMES~1\BAK

0 fil(er) 0 byte
2 mappe(r) 7,103,045,632 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\WINDOWS\BAK

2007-10-27 17:12 109,231 _install.exe
2002-07-12 11:15 106,496 SiSUSBrg.exe
2 fil(er) 215,727 byte
2 mappe(r) 25,638,912,000 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\ITUNES\BAK

2007-10-27 17:12 109,231 _install.exe
2006-10-30 09:36 256,576 iTunesHelper.exe
2 fil(er) 365,807 byte
2 mappe(r) 25,638,907,904 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\MI3AA1~1\BAK

2004-02-24 14:07 401,491 WCESCOMM.EXE
1 fil(er) 401,491 byte
2 mappe(r) 25,638,907,904 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\QUICKT~1\BAK

2007-10-27 17:12 109,231 _install.exe
2006-10-25 18:58 282,624 qttask.exe
2 fil(er) 391,855 byte
2 mappe(r) 25,638,907,904 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\CREATIVE\MOUSEO~1\BAK

2007-10-27 17:12 109,231 _install.exe
2003-09-07 19:41 503,808 mouse_2k.exe
2 fil(er) 613,039 byte
2 mappe(r) 25,638,907,904 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\TRENDM~1\PC-CIL~1\BAK

2007-10-27 17:12 109,231 _install.exe
2002-07-18 16:12 327,680 PCCClient.exe
2002-07-18 16:18 258,048 pccguide.exe
2002-07-18 16:15 307,266 Pop3trap.exe
4 fil(er) 1,002,225 byte
2 mappe(r) 25,638,907,904 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\FLLESF~1\AHEAD\LIB\BAK

0 fil(er) 0 byte
2 mappe(r) 25,638,907,904 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\JAVA\JRE15~1.0_1\BIN\BAK

2007-10-27 17:12 109,231 _install.exe
2006-11-09 15:07 49,263 jusched.exe
2 fil(er) 158,494 byte
2 mappe(r) 25,638,907,904 byte ledig

Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

106496 12 Jul 2002 "D:\WINDOWS\bak\SiSUSBrg.exe"
109231 27 Oct 2007 "C:\_install.exe"
109231 27 Oct 2007 "C:\desktopclean\_install.exe"
109231 27 Oct 2007 "C:\Downloads\_install.exe"
109231 27 Oct 2007 "C:\Kaspersky\_install.exe"
109231 27 Oct 2007 "C:\Mario Forever\_install.exe"
109231 27 Oct 2007 "C:\Program Files\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\_install.exe"
109231 27 Oct 2007 "C:\ie-spyad\choice\_install.exe"
109231 27 Oct 2007 "C:\Program Files\AVI MPEG RM WMV Joiner\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Blindskrift\_install.exe"
109231 27 Oct 2007 "C:\Program Files\BraveSentry\_install.exe"
109231 27 Oct 2007 "C:\Program Files\ClickOff\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Dictionary\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Easy Movie Splitter\_install.exe"
109231 27 Oct 2007 "C:\Program Files\GThing\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Internet Explorer\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Movie Maker\_install.exe"
109231 27 Oct 2007 "C:\Program Files\MSN Messenger\_install.exe"
109231 27 Oct 2007 "C:\Program Files\QuickTime\_install.exe"
109231 27 Oct 2007 "C:\Program Files\RegSupreme\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Windows NT\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Windows Media Player\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB840374$\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB828741$\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB826939$\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB841873$\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Downloaded Program Files\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\msagent\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\mui\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\NV22042208.TMP\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\3DSetup\_install.exe"
109231 27 Oct 2007 "C:\NVIDIA\Win2KXP\78.01\_install.exe"
109231 27 Oct 2007 "C:\Program Files\3DO\Heroes3\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2004\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Blindskrift\Agent Setup\_install.exe"
109231 27 Oct 2007 "C:\Program Files\CoolSystems\ordbogen.com\_install.exe"
109231 27 Oct 2007 "C:\Program Files\CyberLink\Common\_install.exe"
109231 27 Oct 2007 "C:\Program Files\CyberLink\PowerDVD\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Davka Corp\DavkaViewer Platinum\_install.exe"
109231 27 Oct 2007 "C:\Program Files\DivX\DivX\_install.exe"
109231 27 Oct 2007 "C:\Program Files\EA SPORTS\NBA LIVE 2004\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Eidos\CM 03-04\_install.exe"
109231 27 Oct 2007 "C:\Program Files\ewido\security suite\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Google\Gmail Notifier\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Google\Google Earth\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Infogrames\RollerCoaster Tycoon 2\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Internet Explorer\Connection Wizard\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Logitech\ImageStudio\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Logitech\IM Video Companion\_install.exe"
109231 27 Oct 2007 "C:\Program Files\mozilla.org\Mozilla\_install.exe"
109231 27 Oct 2007 "C:\Program Files\MSN\MSNCoreFiles\_install.exe"
109231 27 Oct 2007 "C:\Program Files\MSN\MSNCoreFiles.BAK.{FEC69D39-ADBA-4928-98F0-3571AA97ABDF}\_install.exe"
109231 27 Oct 2007 "C:\Program Files\MSN Gaming Zone\Windows\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Real\RealPlayer\_install.exe"
109231 27 Oct 2007 "C:\Program Files\ToniArts\EasyCleaner\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Trend Micro\PC-cillin 2002\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Windows NT\Accessories\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Windows NT\Pinball\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Windows Media Player\Installer\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB837001$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB824141$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB823182$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB840374$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB828035$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB835732$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB824105$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB828741$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB839645$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB833407$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB825119$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallQ828026$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB826939$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB840315$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB842773$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB841873$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{11C762F9-95EA-486A-A8E7-683A50C231C1}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{17BCE8EF-361E-48AF-813C-97A6C502191F}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{716E0306-8318-4364-8B8F-0CC4E9376BAC}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{898D6241-AB24-4DF7-82FE-21F315DB34E7}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{961C3C01-A1E1-4CD0-8B15-256ED4EA2263}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{AC76BA86-7AD7-1030-7B44-A00000000001}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{C5B9C677-4BE8-11D3-8B01-0008C7797B27}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{C90F3E44-3BF6-11D4-A110-00500405613A}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{F71C0208-1D32-439D-9257-F90F0BAACE6A}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{FCA586EB-8FB0-41A4-B724-13AED3A31A47}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\Com\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\Cult3D\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\npp\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\oobe\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\QuickTime\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\Restore\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\usmt\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\wbem\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\twain_32\QuickCam\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\uninstall\Natula © Freeware 1\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\.limewire\.NetworkShare\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\Local Settings\Temp\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\My Documents\Setup\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\My Documents\SuperSoccerManager 2005\_install.exe"
109231 27 Oct 2007 "C:\Program Files\3DO\Heroes3\Heat\_install.exe"
109231 27 Oct 2007 "C:\Program Files\3DO\Heroes3\ONLINE\_install.exe"
109231 27 Oct 2007 "C:\Program Files\3DO\Heroes3\Support\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Adobe\Acrobat 6.0\Reader\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Eidos\CM 03-04\Utils\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Logitech\ImageStudio\WME\_install.exe"
109231 27 Oct 2007 "C:\Program Files\mozilla.org\Mozilla\components\_install.exe"
109231 27 Oct 2007 "C:\Program Files\mozilla.org\Mozilla\uninstall\_install.exe"
109231 27 Oct 2007 "C:\Program Files\MSN\MSNCoreFiles\Setup\_install.exe"
109231 27 Oct 2007 "C:\Program Files\MSN\MSNCoreFiles.BAK.{FEC69D39-ADBA-4928-98F0-3571AA97ABDF}\Setup\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Real\RealPlayer\Setup\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\AU_Temp\1\27\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Cache\Adobe Reader 6.0.1\DANBIG\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Downloaded Program Files\WebEx\320\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Help\Tours\mmTour\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\PCHealth\HelpCtr\Binaries\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\PCHealth\UploadLB\Binaries\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}$BACKUP$\System\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}$BACKUP$\System\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\Macromed\Flash\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\Macromed\Shockwave 10\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\All Users\Start Menu\Programs\AGPUtil\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\Local Settings\Application Data\ApplicationHistory\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\My Documents\Adobe\Acrobat\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Adobe\Acrobat 6.0\Reader\Updater\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ip\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\lang\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\update\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\Application Data\Microsoft\Installer\{2FE5DDEF-64E3-45BF-B3E9-39C64905A45C}\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\Application Data\Microsoft\Installer\{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\Application Data\Microsoft\Installer\{C64C7D95-E368-4A5C-9E64-0E8E298FB220}\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Install\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Greg\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Greg\Data\4da8\a9acb3e\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Greg\Data\7b25\a9a3f18\_install.exe"
109231 27 Oct 2007 "D:\Acrobat\_install.exe"
109231 27 Oct 2007 "D:\CM 03-04\_install.exe"
109231 27 Oct 2007 "D:\Cost Calculator\_install.exe"
109231 27 Oct 2007 "D:\Distillr\_install.exe"
109231 27 Oct 2007 "D:\Documents and Settings\_install.exe"
109231 27 Oct 2007 "D:\Ereg\_install.exe"
109231 27 Oct 2007 "D:\Fractal Maze\_install.exe"
109231 27 Oct 2007 "D:\Jokes\_install.exe"
109231 27 Oct 2007 "D:\Kyodai Mahjongg\_install.exe"
109231 27 Oct 2007 "D:\mplayAB\_install.exe"
109231 27 Oct 2007 "D:\Programmer\_install.exe"
109231 27 Oct 2007 "D:\Reader\_install.exe"
109231 27 Oct 2007 "D:\Register\_install.exe"
109231 27 Oct 2007 "D:\Support\_install.exe"
109231 27 Oct 2007 "D:\Themes\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\_install.exe"
109231 27 Oct 2007 "D:\Yahtzee\_install.exe"
109231 27 Oct 2007 "D:\Acrobat3\Reader\_install.exe"
109231 27 Oct 2007 "D:\CM 03-04\Utils\_install.exe"
109231 27 Oct 2007 "D:\EA SPORTS\NBA LIVE 2004\_install.exe"
109231 27 Oct 2007 "D:\Eidos\CM 03-04\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Active CPU\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Apple Software Update\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Attila\_install.exe"
109231 27 Oct 2007 "D:\Programmer\BearShare\_install.exe"
109231 27 Oct 2007 "D:\Programmer\BearShare Turbo\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Blaze Media Pro\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Blindskrift\_install.exe"
109231 27 Oct 2007 "D:\Programmer\BPFTP Server\_install.exe"
109231 27 Oct 2007 "D:\Programmer\C-Media 3D Audio\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Gads Bogskab\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Google\_install.exe"
109231 27 Oct 2007 "D:\Programmer\GTs Betting Calculator 3.01\_install.exe"
109231 27 Oct 2007 "D:\Programmer\IE Privacy Keeper\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Internet Explorer\_install.exe"
109231 27 Oct 2007 "D:\Programmer\iTunes\_install.exe"
109231 27 Oct 2007 "D:\Programmer\LimeWire\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Messenger\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Microsoft ActiveSync\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Movie Maker\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Mozilla Firefox\_install.exe"
109231 27 Oct 2007 "D:\Programmer\MSN Messenger\_install.exe"
109231 27 Oct 2007 "D:\Programmer\NetMeeting\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Outlook Express\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Phex_0.9.0.44\_install.exe"
109231 27 Oct 2007 "D:\Programmer\QuickTime\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Registry Mechanic\_install.exe"
109231 27 Oct 2007 "D:\Programmer\SiSLan\_install.exe"
109231 27 Oct 2007 "D:\Programmer\SoftwareRevenue.org\_install.exe"
109231 27 Oct 2007 "D:\Programmer\SpywareBlaster\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Support\_install.exe"
109231 27 Oct 2007 "D:\Programmer\UltimateZip 2.7\_install.exe"
109231 27 Oct 2007 "D:\Programmer\VirtualDub\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Windows NT\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Windows Media Player\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\$MSI31Uninstall_KB893803$\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\bak\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Downloaded Program Files\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Easy CD-DA Extractor\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\ehome\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\inf\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installationsfiler til Windows Update\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\msagent\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\system\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\system32\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Spywareprogrammer\_install.exe"
109231 27 Oct 2007 "D:\EA SPORTS\NBA LIVE 2004\Support\_install.exe"
109231 27 Oct 2007 "D:\Eidos\CM 03-04\Utils\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\All Video Joiner\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\AVI MPEG RM WMV Joiner\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Azureus\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Blindskrift\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Calendar Magic\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\CDBurnerXP Pro\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\ClickOff\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Dictionary\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Easy Movie Splitter\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\FlasKMPEG\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\GThing\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Internet Explorer\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Messenger\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Movie Maker\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\MSN Messenger\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\NetMeeting\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\NimoCodec Pack\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Outlook Express\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Poker Superstars\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\QuickTime\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\RegSupreme\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\SiSLan\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\SmartFTP\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\SmartFTP Setup Files\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Split Join Convert Video\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Spybot - Search & Destroy\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\SpywareGuard\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\SpywareBlaster\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\StartBtn Renamer\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\SurfSecret\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Virtual Notes\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Windows NT\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Windows Media Player\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Xvideo\_install.exe"
109231 27 Oct 2007 "D:\Programmer\3DO\Heroes3\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Antiy Labs\AGuard\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Antiy Labs\Alive\_install.exe"
109231 27 Oct 2007 "D:\Programmer\BearShare\Installer\_install.exe"
109231 27 Oct 2007 "D:\Programmer\BearShare Applications\BearShare\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Blindskrift\Agent Setup\_install.exe"
109231 27 Oct 2007 "D:\Programmer\C-Media 3D Audio\Play3D\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Canon\CAL\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Canon\CSCLIB\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Canon\EOS Utility\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Canon\PhotoStitch\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Canon\RAW Image Task\_install.exe"
109231 27 Oct 2007 "D:\Programmer\CoolSystems\ordbogen.com\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Corel\Corel Paint Shop Pro X - Installation Files\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Creative\CTDPlugin\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Creative\Mouse Optical\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Creative\Shared Files\_install.exe"
109231 27 Oct 2007 "D:\Programmer\CyberLink\Common\_install.exe"
109231 27 Oct 2007 "D:\Programmer\CyberLink\PhotoNow\_install.exe"
109231 27 Oct 2007 "D:\Programmer\CyberLink\PowerDVD\_install.exe"
109231 27 Oct 2007 "D:\Programmer\EA SPORTS\NBA LIVE 2004\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Family Games\EuroGeo\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Google\Google Desktop Search\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Google\GoogleToolbarNotifier\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Grisoft\AVG Anti-Spyware 7.5\_install.exe"
109231 27 Oct 2007 "D:\Programmer\ImTOO\MPEG Encoder 3\_install.exe"
109231 27 Oct 2007 "D:\Programmer\InstallShield Installation Information\{2EBA5473-558B-462C-AEE4-FE50FA799F2A}\_install.exe"
109231 27 Oct 2007 "D:\Programmer\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\_install.exe"
109231 27 Oct 2007 "D:\Programmer\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\_install.exe"
109231 27 Oct 2007 "D:\Programmer\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\_install.exe"
109231 27 Oct 2007 "D:\Programmer\InstallShield Installation Information\{B023185F-F1EF-4F97-B0BD-AE6D802226D1}\_install.exe"
109231 27 Oct 2007 "D:\Programmer\InstallShield Installation Information\{B97CF5C3-0487-11D8-A36E-0050BAE317E1}\_install.exe"
109231 27 Oct 2007 "D:\Programmer\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\_install.exe"
109231 27 Oct 2007 "D:\Programmer\InstallShield Installation Information\{E0AD4033-D89B-11D7-97C2-00055D0CA761}\_install.exe"
109231 27 Oct 2007 "D:\Programmer\InstallShield Installation Information\{E2D27B84-6365-11D6-9BAF-0090271AF8A4}\_install.exe"
109231 27 Oct 2007 "D:\Programmer\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Internet Explorer\Connection Wizard\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Internet Explorer\IE Uninstall\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Internet Explorer\W2K\_install.exe"
109231 27 Oct 2007 "D:\Programmer\iPod\bin\_install.exe"
109231 27 Oct 2007 "D:\Programmer\iTunes\bak\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Kazaa\My Shared Folder\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Lavasoft\Ad-Aware 2007\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Microsoft Games\Motocross Madness 2 Trial\_install.exe"
109231 27 Oct 2007 "D:\Programmer\MindSoft\MindSoft Utilities XP 8.2\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Mozilla Firefox\plugins\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Mozilla Firefox\uninstall\_install.exe"
109231 27 Oct 2007 "D:\Programmer\MP3 Player Utilities V1.28\RDiskUtility\_install.exe"
109231 27 Oct 2007 "D:\Programmer\MP3 Player Utilities V1.28\RDiskUpdate\_install.exe"
109231 27 Oct 2007 "D:\Programmer\MP3 Player Utilities V1.28\SoundConvert\_install.exe"
109231 27 Oct 2007 "D:\Programmer\MSN\MSNCoreFiles\_install.exe"
109231 27 Oct 2007 "D:\Programmer\MSN Gaming Zone\Windows\_install.exe"
109231 27 Oct 2007 "D:\Programmer\MSN Messenger\Device Manager\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Musicmatch\Musicmatch Jukebox\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Musicmatch\Musicmatch Update\_install.exe"
109231 27 Oct 2007 "D:\Programmer\QuickTime\bak\_install.exe"
109231 27 Oct 2007 "D:\Programmer\QuickTime\QTSystem\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Registry Mechanic\backup\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Robusst.ws\ISB\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Rockstar Games\Grand Theft Auto Vice City\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Skype\Phone\_install.exe"
109231 27 Oct 2007 "D:\Programmer\ToniArts\EasyCleaner\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Trend Micro\PC-cillin 2002\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Windows NT\Tilbeh›r\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Yahoo!\Common\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Yahoo!\Installs\_install.exe"
109231 27 Oct 2007 "D:\Program Files\Altnet\Download Manager\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\$NtUninstallKB842773$\spuninst\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Downloaded Installations\{501BADCD-F8F7-44CB-AC3F-6ED25C1A28B5}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Downloaded Installations\{54C0D94A-F467-4ABC-9D02-6E58748668D4}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Downloaded Installations\{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{1CB92574-96F2-467B-B793-5CEB35C40C29}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{350C97C6-3D7C-4EE8-BAA9-00BCB3D54227}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{49FC50FC-F965-40D9-89B4-CBFF80941033}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{53480370-6CA2-47EC-BC05-02B4B9271C31}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{716E0306-8318-4364-8B8F-0CC4E9376BAC}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{8F5B0B2A-5EE7-4DF5-9405-1A985C377EAF}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{AC76BA86-7AD7-1030-7B44-000000000001}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{C5B9C677-4BE8-11D3-8B01-0008C7797B27}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{C90F3E44-3BF6-11D4-A110-00500405613A}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Installer\{F71C0208-1D32-439D-9257-F90F0BAACE6A}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\RegisteredPackages\{60BFF50D-FB2C-4498-A577-C9548C390BB9}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\system32\Com\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\system32\npp\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\system32\oobe\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\system32\Restore\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\system32\usmt\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\system32\wbem\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Billeder\Smileys\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\backups\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\cm0304Patch415\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\cm0304Patch4[1].1.4\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\Ejay\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\fm2005_demo_alllang_full\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\install_2_11_F\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\J-96bulls\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\kd-50sCourt\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\morfitt\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\Musik-Video-filer\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\racedriverdemo\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\rookiepack\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\th-87lakers\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\th-89pistons\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\th-96bulls\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\th-legends_megaupdate\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\th-legends_pack1\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\thnb-95rockets\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\USB-Device-Driver\_install.exe"
109231 27 Oct 2007 "D:\Documents and Settings\All Users\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}\_install.exe"
109231 27 Oct 2007 "D:\Documents and Settings\Andr‚\Skrivebord\Antivirus-pakke\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\3DO\Heroes3\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Acclaim Entertainment\Re-Volt Demo\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Acer Advanced MP3 Player Tools 4.0\RDiskUtility\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Acer Advanced MP3 Player Tools 4.0\RDiskUpdate\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Acer Advanced MP3 Player Tools 4.0\SoundConvert\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Anatoli Klassen Software\akFontViewer\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Apple Computer\DVD@ccess\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Ashampoo\Ashampoo WinOptimizer 2004\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Aspyr\MTX MotoTrax Demo\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\BlackBeanGames\SCAR Demo\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Blindskrift\Agent Setup\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Codemasters\Race Driver 2 Demo\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\CoolSystems\ordbogen.com\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Creative\Shared Files\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\CyberLink\Common\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\CyberLink\PowerDVD\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Davka Corp\DavkaViewer Platinum\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Disney Interactive\Disneys Tarzan Action Game Demo\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\DivX\DivX\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\EA SPORTS\EA SPORTS online\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\EA SPORTS\NBA LIVE 2004\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\EA SPORTS\Tiger Woods PGA TOUR 2004 Demo\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Eidos\CM 03-04\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Elaborate Bytes\CloneDVD2\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\ewido\security suite\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Executive Software\Diskeeper Home Edition Setup\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Firebird\Firebird_1_5\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Gallup Interactive\NetBehaviour\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Google\Gmail Notifier\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Google\Google Earth\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Grisoft\AVG Free\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Helexis\Icon Catcher\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Illustrate\dBpowerAMP\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Infogrames\RollerCoaster Tycoon 2\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\InstallShield Installation Information\{2B34414C-14FB-11D6-A329-0050045C24B2}\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\InstallShield Installation Information\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\InstallShield Installation Information\{84146EF9-4DCB-4321-89AE-EA38956F5FC7}\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\InstallShield Installation Information\{984F10FD-11FD-4BED-8163-92DB81E6A825}\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Internet Explorer\Connection Wizard\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\LG PC Suite\LG Phone Manager\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Logitech\ImageStudio\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Logitech\IM Video Companion\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Microsoft Games\Motocross Madness 2 Trial\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\mozilla.org\Mozilla\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\MSN\MSNCoreFiles\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\MSN\MSNCoreFiles.BAK.{FEC69D39-ADBA-4928-98F0-3571AA97ABDF}\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\MSN Gaming Zone\Windows\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\NimoCodec Pack\DirectVobSub\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\PJW\SPGuard\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Prismatic Software\DupDetector\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Real\RealPlayer\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\SlySoft\AnyDVD\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Spybot - Search & Destroy\Updates\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\SuperAudiotool\WAV MP3 Converter\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\THQ\MotoGP URT 3 Demo\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\ToniArts\EasyCleaner\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Trend Micro\PC-cillin 2002\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Windows Media 7 PowerToys\Player\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Windows NT\Accessories\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Windows NT\Pinball\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Windows Media Player\Installer\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Windows Media Components\Encoder\_install.exe"
109231 27 Oct 2007 "D:\Programmer\3DO\Heroes3\Heat\_install.exe"
109231 27 Oct 2007 "D:\Programmer\3DO\Heroes3\mplayAB\_install.exe"
109231 27 Oct 2007 "D:\Programmer\3DO\Heroes3\ONLINE\_install.exe"
109231 27 Oct 2007 "D:\Programmer\3DO\Heroes3\OnlineAB\_install.exe"
109231 27 Oct 2007 "D:\Programmer\3DO\Heroes3\Register\_install.exe"
109231 27 Oct 2007 "D:\Programmer\3DO\Heroes3\Support\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Adobe\Acrobat 6.0\Reader\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Adobe\Acrobat 5.0\Acrobat\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Adobe\Acrobat 5.0\Distillr\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Adobe\Acrobat 5.0\Reader\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Canon\CameraWindow\CameraWindowMC\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Canon\CameraWindow\CameraWindowDVC6\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Canon\CameraWindow\CameraWindowDVC\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Canon\CameraWindow\RemoteCaptureTask DC\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Canon\ZoomBrowser EX\Program\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Creative\Mouse Optical\bak\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Creative\Product Registration\English\_install.exe"
109231 27 Oct 2007 "D:\Programmer\EA SPORTS\NBA LIVE 2004\Support\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\Adobe\Web\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\InstallShield\UpdateService\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\Microsoft Shared\MSInfo\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\Microsoft Shared\Smart Tag\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\Microsoft Shared\Speech\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\Microsoft Shared\VS7DEBUG\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Google\Common\Google Updater\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Java\jre1.5.0_04\bin\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Java\jre1.5.0_10\bin\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Java\jre1.5.0_06\bin\_install.exe"
109231 27 Oct 2007 "D:\Programmer\MSN\MSNCoreFiles\Setup\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Musicmatch\Musicmatch Update\DLM\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Musicmatch\Musicmatch Update\MMJB\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Musicmatch\Musicmatch Update\TDM\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Trend Micro\PC-cillin 2002\bak\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Cache\Adobe Reader 6.0\DANBIG\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\Help\Tours\mmTour\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\PCHEALTH\HELPCTR\Binaries\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\PCHEALTH\UploadLB\Binaries\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}$BACKUP$\System\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\system32\Macromed\Flash\_install.exe"
109231 27 Oct 2007 "D:\WINDOWS\system32\Macromed\Shockwave 10\_install.exe"
109231 27 Oct 2007 "D:\Documents and Settings\All Users\Menuen Start\Programmer\AGPUtil\_install.exe"
109231 27 Oct 2007 "D:\Documents and Settings\Andr‚\Application Data\LimeWire\.NetworkShare\_install.exe"
109231 27 Oct 2007 "D:\Documents and Settings\Andr‚\Skrivebord\Antivirus-pakke\smitRem\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\3DO\Heroes3\Heat\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\3DO\Heroes3\ONLINE\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\3DO\Heroes3\Support\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Adobe\Acrobat 6.0\Reader\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Aspyr\MTX MotoTrax Demo\Game\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Adobe\Web\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\InstallShield\UpdateService\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Logitech\QCDriver\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Logitech\QCDriver3\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Logitech\QCDriver2\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Microsoft Shared\dasetup\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Microsoft Shared\MSInfo\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Microsoft Shared\Smart Tag\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Microsoft Shared\Speech\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Microsoft Shared\VS7DEBUG\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Real\Update\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\EA SPORTS\Tiger Woods PGA TOUR 2004 Demo\Bin\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Eidos\CM 03-04\Utils\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Firebird\Firebird_1_5\bin\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\GameSpy Arcade\Services\_common\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Google\Gmail Notifier\G001-1.0.25.0\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Java\j2re1.4.2_06\bin\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Java\j2re1.4.2_06\javaws\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Java\j2re1.4.2_05\bin\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Java\j2re1.4.2_05\javaws\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Java\j2re1.4.2_04\bin\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Java\j2re1.4.2_04\javaws\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Java\jre1.5.0_04\bin\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Java\jre1.5.0_02\bin\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Logitech\ImageStudio\WME\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\mozilla.org\Mozilla\components\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\mozilla.org\Mozilla\uninstall\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\MSN\MSNCoreFiles\Setup\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\MSN\MSNCoreFiles.BAK.{FEC69D39-ADBA-4928-98F0-3571AA97ABDF}\Setup\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Real\RealPlayer\Setup\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Adobe\Acrobat 6.0\Reader\Updater\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\Canon\UIW\1.0.0.0\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\InterVideo\DVD7\InterActual\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Java\jre1.5.0_10\bin\bak\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Musicmatch\Musicmatch Update\MMJB\TDM\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Musicmatch\Musicmatch Update\MMJB\WMDMDist\_install.exe"
109231 27 Oct 2007 "D:\Programmer\Musicmatch\Musicmatch Update\MMJB\WMFDist\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\morfitt\DEMOS\MIRROR\_install.exe"
109231 27 Oct 2007 "D:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\_install.exe"
109231 27 Oct 2007 "D:\Documents and Settings\All Users\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}\offline\IFYTMEALEMIPRBMEXFTRGTDRFFFFFF0\_install.exe"
109231 27 Oct 2007 "D:\Documents and Settings\All Users\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}\offline\IFGMGCEMXDBRNGKIMSCSXEISDIFFFF0\_install.exe"
109231 27 Oct 2007 "D:\Documents and Settings\All Users\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}\offline\IFIDOSSSTM3OGENEXFWNSSDRFFFFFF0\_install.exe"
109231 27 Oct 2007 "D:\Documents and Settings\All Users\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}\offline\IFWIDOSSSTM3LAEEEFINYSIRFFFFFF0\_install.exe"
109231 27 Oct 2007 "D:\Documents and Settings\All Users\Application Data\{FBDA53F5-763E-4114-A576-612E9769C133}\offline\IFYTMEALEMIPRBMEXFTRGTDRFFFFFF0\_install.exe"
109231 27 Oct 2007 "D:\Documents and Settings\Andr‚\Application Data\Microsoft\Installer\{2FE5DDEF-64E3-45BF-B3E9-39C64905A45C}\_install.exe"
109231 27 Oct 2007 "D:\Documents and Settings\Andr‚\Application Data\Microsoft\Installer\{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}\_install.exe"
109231 27 Oct 2007 "D:\Documents and Settings\Andr‚\Skrivebord\Antivirus-pakke\backups\DE 7 MIRAKULSE\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Adobe\Acrobat 6.0\Reader\Updater\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Logitech\QCDriver\Install\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Logitech\QCDriver3\Install\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Logitech\QCDriver2\Install\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\mozilla.org\GRE\1.7.11_2005072806\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Firebird\Firebird_1_5\doc\sql.extensions\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\InstallShield\Driver\11\Intel 32\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\InstallShield\Driver\7\Intel 32\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\InstallShield\Driver\8\Intel 32\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\InstallShield\Driver\9\Intel 32\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\InstallShield\Engine\6\Intel 32\_install.exe"
109231 27 Oct 2007 "D:\Andr‚\Andr‚\Musik\morfitt\DEMOS\MQUAKE3\exe\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\InstallShield\Driver\7\Intel 32\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\InstallShield\Driver\8\Intel 32\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\InstallShield\Engine\6\Intel 32\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\mozilla.org\GRE\1.7.11_2005072806\uninstall\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Install\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Logitech\Desktop Messenger\8876480\Users\Greg\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\InstallShield\Professional\RunTime\0701\Intel32\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_10.b03\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_04.b05\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_06.b05\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Java\Update\Base Images\j2re1.4.2-b28\patch-j2re1.4.2_06-b03\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Java\Update\Base Images\j2re1.4.2-b28\patch-j2re1.4.2_05-b04\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Java\Update\Base Images\j2re1.4.2-b28\patch-j2re1.4.2_04-b05\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_04.b05\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_02.b09\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\InstallShield\Professional\RunTime\09\01\Intel32\_install.exe"
109231 27 Oct 2007 "D:\Programmer\F‘lles filer\InstallShield\Professional\RunTime\11\00\Intel32\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Logitech\Desktop Messenger\8876480\Users\Greg\Data\4da8\a9acb3e\_install.exe"
109231 27 Oct 2007 "D:\Overf›rte filer fra C\Program Files\Logitech\Desktop Messenger\8876480\Users\Greg\Data\7b25\a9a3f18\_install.exe"
256576 27 Dec 2007 "D:\Programmer\iTunes\ituneshelper.exe"
256576 30 Oct 2006 "D:\Programmer\iTunes\bak\iTunesHelper.exe"
102400 2 Jun 2007 "D:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 30 Oct 2006 "D:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
109231 27 Oct 2007 "C:\_install.exe"
109231 27 Oct 2007 "C:\desktopclean\_install.exe"
109231 27 Oct 2007 "C:\Downloads\_install.exe"
109231 27 Oct 2007 "C:\Kaspersky\_install.exe"
109231 27 Oct 2007 "C:\Mario Forever\_install.exe"
109231 27 Oct 2007 "C:\Program Files\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\_install.exe"
109231 27 Oct 2007 "C:\ie-spyad\choice\_install.exe"
109231 27 Oct 2007 "C:\Program Files\AVI MPEG RM WMV Joiner\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Blindskrift\_install.exe"
109231 27 Oct 2007 "C:\Program Files\BraveSentry\_install.exe"
109231 27 Oct 2007 "C:\Program Files\ClickOff\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Dictionary\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Easy Movie Splitter\_install.exe"
109231 27 Oct 2007 "C:\Program Files\GThing\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Internet Explorer\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Movie Maker\_install.exe"
109231 27 Oct 2007 "C:\Program Files\MSN Messenger\_install.exe"
109231 27 Oct 2007 "C:\Program Files\QuickTime\_install.exe"
109231 27 Oct 2007 "C:\Program Files\RegSupreme\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Windows NT\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Windows Media Player\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB840374$\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB828741$\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB826939$\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB841873$\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Downloaded Program Files\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\msagent\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\mui\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\NV22042208.TMP\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\3DSetup\_install.exe"
109231 27 Oct 2007 "C:\NVIDIA\Win2KXP\78.01\_install.exe"
109231 27 Oct 2007 "C:\Program Files\3DO\Heroes3\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2004\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Blindskrift\Agent Setup\_install.exe"
109231 27 Oct 2007 "C:\Program Files\CoolSystems\ordbogen.com\_install.exe"
109231 27 Oct 2007 "C:\Program Files\CyberLink\Common\_install.exe"
109231 27 Oct 2007 "C:\Program Files\CyberLink\PowerDVD\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Davka Corp\DavkaViewer Platinum\_install.exe"
109231 27 Oct 2007 "C:\Program Files\DivX\DivX\_install.exe"
109231 27 Oct 2007 "C:\Program Files\EA SPORTS\NBA LIVE 2004\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Eidos\CM 03-04\_install.exe"
109231 27 Oct 2007 "C:\Program Files\ewido\security suite\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Google\Gmail Notifier\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Google\Google Earth\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Infogrames\RollerCoaster Tycoon 2\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Internet Explorer\Connection Wizard\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Logitech\ImageStudio\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Logitech\IM Video Companion\_install.exe"
109231 27 Oct 2007 "C:\Program Files\mozilla.org\Mozilla\_install.exe"
109231 27 Oct 2007 "C:\Program Files\MSN\MSNCoreFiles\_install.exe"
109231 27 Oct 2007 "C:\Program Files\MSN\MSNCoreFiles.BAK.{FEC69D39-ADBA-4928-98F0-3571AA97ABDF}\_install.exe"
109231 27 Oct 2007 "C:\Program Files\MSN Gaming Zone\Windows\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Real\RealPlayer\_install.exe"
109231 27 Oct 2007 "C:\Program Files\ToniArts\EasyCleaner\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Trend Micro\PC-cillin 2002\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Windows NT\Accessories\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Windows NT\Pinball\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Windows Media Player\Installer\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB837001$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB824141$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB823182$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB840374$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB828035$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB835732$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB824105$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB828741$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB839645$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB833407$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB825119$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallQ828026$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB826939$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB840315$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB842773$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\$NtUninstallKB841873$\spuninst\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{11C762F9-95EA-486A-A8E7-683A50C231C1}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{17BCE8EF-361E-48AF-813C-97A6C502191F}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{716E0306-8318-4364-8B8F-0CC4E9376BAC}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{898D6241-AB24-4DF7-82FE-21F315DB34E7}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{961C3C01-A1E1-4CD0-8B15-256ED4EA2263}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{AC76BA86-7AD7-1030-7B44-A00000000001}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{C5B9C677-4BE8-11D3-8B01-0008C7797B27}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{C90F3E44-3BF6-11D4-A110-00500405613A}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{F71C0208-1D32-439D-9257-F90F0BAACE6A}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Installer\{FCA586EB-8FB0-41A4-B724-13AED3A31A47}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\Com\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\Cult3D\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\npp\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\oobe\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\QuickTime\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\Restore\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\usmt\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\system32\wbem\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\twain_32\QuickCam\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\uninstall\Natula © Freeware 1\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\.limewire\.NetworkShare\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\Local Settings\Temp\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\My Documents\Setup\_install.exe"
109231 27 Oct 2007 "C:\Documents and Settings\Greg\My Documents\SuperSoccerManager 2005\_install.exe"
109231 27 Oct 2007 "C:\Program Files\3DO\Heroes3\Heat\_install.exe"
109231 27 Oct 2007 "C:\Program Files\3DO\Heroes3\ONLINE\_install.exe"
109231 27 Oct 2007 "C:\Program Files\3DO\Heroes3\Support\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Adobe\Acrobat 6.0\Reader\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Eidos\CM 03-04\Utils\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Logitech\ImageStudio\WME\_install.exe"
109231 27 Oct 2007 "C:\Program Files\mozilla.org\Mozilla\components\_install.exe"
109231 27 Oct 2007 "C:\Program Files\mozilla.org\Mozilla\uninstall\_install.exe"
109231 27 Oct 2007 "C:\Program Files\MSN\MSNCoreFiles\Setup\_install.exe"
109231 27 Oct 2007 "C:\Program Files\MSN\MSNCoreFiles.BAK.{FEC69D39-ADBA-4928-98F0-3571AA97ABDF}\Setup\_install.exe"
109231 27 Oct 2007 "C:\Program Files\Real\RealPlayer\Setup\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\AU_Temp\1\27\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Cache\Adobe Reader 6.0.1\DANBIG\_install.exe"
109231 27 Oct 2007 "C:\WINDOWS\Downloaded Program F

Synes godt om

fromsej Praktikant

31. december 2007 - 12:55 #35

Hent og gem denne batfil på skrivebordet:
http://www.fromsej.saknet.dk/download/delinstall.bat
Dobbeltklik på den, det tager sikkert et godt stykke tid, inden den er færdig.
Når den er færdig åbner Notesblok, kopier indholdet herind.

Synes godt om

fromsej Praktikant

31. december 2007 - 13:02 #36

Vent lige 5 min.

Synes godt om

fromsej Praktikant

31. december 2007 - 13:05 #37

Så skulle den være OK.

Synes godt om

djgreg Nybegynder

31. december 2007 - 19:40 #38

Fil slettet - C:\_install.exe
Fil slettet - C:\desktopclean\_install.exe
Fil slettet - C:\Documents and Settings\All Users\Start Menu\Programs\AGPUtil\_install.exe
Fil slettet - C:\Documents and Settings\Greg\_install.exe
Fil slettet - C:\Documents and Settings\Greg\.limewire\.NetworkShare\_install.exe
Fil slettet - C:\Documents and Settings\Greg\3DSetup\_install.exe
Fil slettet - C:\Documents and Settings\Greg\Application Data\Microsoft\Installer\{2FE5DDEF-64E3-45BF-B3E9-39C64905A45C}\_install.exe
Fil slettet - C:\Documents and Settings\Greg\Application Data\Microsoft\Installer\{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}\_install.exe
Fil slettet - C:\Documents and Settings\Greg\Application Data\Microsoft\Installer\{C64C7D95-E368-4A5C-9E64-0E8E298FB220}\_install.exe
Fil slettet - C:\Documents and Settings\Greg\Local Settings\Application Data\ApplicationHistory\_install.exe
Fil slettet - C:\Documents and Settings\Greg\Local Settings\Temp\_install.exe
Fil slettet - C:\Documents and Settings\Greg\My Documents\Adobe\Acrobat\_install.exe
Fil slettet - C:\Documents and Settings\Greg\My Documents\Setup\_install.exe
Fil slettet - C:\Documents and Settings\Greg\My Documents\SuperSoccerManager 2005\_install.exe
Fil slettet - C:\Downloads\_install.exe
Fil slettet - C:\ie-spyad\choice\_install.exe
Fil slettet - C:\Kaspersky\_install.exe
Fil slettet - C:\Mario Forever\_install.exe
Fil slettet - C:\NVIDIA\Win2KXP\78.01\_install.exe
Fil slettet - C:\Program Files\_install.exe
Fil slettet - C:\Program Files\3DO\Heroes3\_install.exe
Fil slettet - C:\Program Files\3DO\Heroes3\Heat\_install.exe
Fil slettet - C:\Program Files\3DO\Heroes3\ONLINE\_install.exe
Fil slettet - C:\Program Files\3DO\Heroes3\Support\_install.exe
Fil slettet - C:\Program Files\Adobe\Acrobat 6.0\Reader\_install.exe
Fil slettet - C:\Program Files\Adobe\Acrobat 6.0\Reader\Updater\_install.exe
Fil slettet - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2004\_install.exe
Fil slettet - C:\Program Files\AVI MPEG RM WMV Joiner\_install.exe
Fil slettet - C:\Program Files\Blindskrift\_install.exe
Fil slettet - C:\Program Files\Blindskrift\Agent Setup\_install.exe
Fil slettet - C:\Program Files\BraveSentry\_install.exe
Fil slettet - C:\Program Files\ClickOff\_install.exe
Fil slettet - C:\Program Files\CoolSystems\ordbogen.com\_install.exe
Fil slettet - C:\Program Files\CyberLink\Common\_install.exe
Fil slettet - C:\Program Files\CyberLink\PowerDVD\_install.exe
Fil slettet - C:\Program Files\Davka Corp\DavkaViewer Platinum\_install.exe
Fil slettet - C:\Program Files\Dictionary\_install.exe
Fil slettet - C:\Program Files\DivX\DivX\_install.exe
Fil slettet - C:\Program Files\EA SPORTS\NBA LIVE 2004\_install.exe
Fil slettet - C:\Program Files\Easy Movie Splitter\_install.exe
Fil slettet - C:\Program Files\Eidos\CM 03-04\_install.exe
Fil slettet - C:\Program Files\Eidos\CM 03-04\Utils\_install.exe
Fil slettet - C:\Program Files\ewido\security suite\_install.exe
Fil slettet - C:\Program Files\Google\Gmail Notifier\_install.exe
Fil slettet - C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\_install.exe
Fil slettet - C:\Program Files\Google\Google Earth\_install.exe
Fil slettet - C:\Program Files\GThing\_install.exe
Fil slettet - C:\Program Files\Infogrames\RollerCoaster Tycoon 2\_install.exe
Fil slettet - C:\Program Files\Internet Explorer\_install.exe
Fil slettet - C:\Program Files\Internet Explorer\Connection Wizard\_install.exe
Fil slettet - C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Install\_install.exe
Fil slettet - C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\_install.exe
Fil slettet - C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Greg\_install.exe
Fil slettet - C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Greg\Data\4da8\a9acb3e\_install.exe
Fil slettet - C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Greg\Data\7b25\a9a3f18\_install.exe
Fil slettet - C:\Program Files\Logitech\IM Video Companion\_install.exe
Fil slettet - C:\Program Files\Logitech\ImageStudio\_install.exe
Fil slettet - C:\Program Files\Logitech\ImageStudio\WME\_install.exe
Fil slettet - C:\Program Files\Movie Maker\_install.exe
Fil slettet - C:\Program Files\mozilla.org\Mozilla\_install.exe
Fil slettet - C:\Program Files\mozilla.org\Mozilla\components\_install.exe
Fil slettet - C:\Program Files\mozilla.org\Mozilla\uninstall\_install.exe
Fil slettet - C:\Program Files\MSN\MSNCoreFiles\_install.exe
Fil slettet - C:\Program Files\MSN\MSNCoreFiles\Setup\_install.exe
Fil slettet - C:\Program Files\MSN\MSNCoreFiles.BAK.{FEC69D39-ADBA-4928-98F0-3571AA97ABDF}\_install.exe
Fil slettet - C:\Program Files\MSN\MSNCoreFiles.BAK.{FEC69D39-ADBA-4928-98F0-3571AA97ABDF}\Setup\_install.exe
Fil slettet - C:\Program Files\MSN Gaming Zone\Windows\_install.exe
Fil slettet - C:\Program Files\MSN Messenger\_install.exe
Fil slettet - C:\Program Files\QuickTime\_install.exe
Fil slettet - C:\Program Files\Real\RealPlayer\_install.exe
Fil slettet - C:\Program Files\Real\RealPlayer\Setup\_install.exe
Fil slettet - C:\Program Files\RegSupreme\_install.exe
Fil slettet - C:\Program Files\ToniArts\EasyCleaner\_install.exe
Fil slettet - C:\Program Files\Trend Micro\PC-cillin 2002\_install.exe
Fil slettet - C:\Program Files\Windows Media Player\_install.exe
Fil slettet - C:\Program Files\Windows Media Player\Installer\_install.exe
Fil slettet - C:\Program Files\Windows NT\_install.exe
Fil slettet - C:\Program Files\Windows NT\Accessories\_install.exe
Fil slettet - C:\Program Files\Windows NT\Pinball\_install.exe
Fil slettet - C:\WINDOWS\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB823182$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB824105$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB824141$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB825119$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB826939$\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB826939$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB828035$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB828741$\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB828741$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB833407$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB835732$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB837001$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB839645$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB840315$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB840374$\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB840374$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB841873$\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB841873$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallKB842773$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\$NtUninstallQ828026$\spuninst\_install.exe
Fil slettet - C:\WINDOWS\AU_Temp\1\27\_install.exe
Fil slettet - C:\WINDOWS\Cache\Adobe Reader 6.0.1\DANBIG\_install.exe
Fil slettet - C:\WINDOWS\Downloaded Program Files\_install.exe
Fil slettet - C:\WINDOWS\Downloaded Program Files\WebEx\320\_install.exe
Fil slettet - C:\WINDOWS\Driver Cache\i386\_install.exe
Fil slettet - C:\WINDOWS\Help\Tours\mmTour\_install.exe
Fil slettet - C:\WINDOWS\Installer\{11C762F9-95EA-486A-A8E7-683A50C231C1}\_install.exe
Fil slettet - C:\WINDOWS\Installer\{17BCE8EF-361E-48AF-813C-97A6C502191F}\_install.exe
Fil slettet - C:\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\_install.exe
Fil slettet - C:\WINDOWS\Installer\{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}\_install.exe
Fil slettet - C:\WINDOWS\Installer\{716E0306-8318-4364-8B8F-0CC4E9376BAC}\_install.exe
Fil slettet - C:\WINDOWS\Installer\{898D6241-AB24-4DF7-82FE-21F315DB34E7}\_install.exe
Fil slettet - C:\WINDOWS\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\_install.exe
Fil slettet - C:\WINDOWS\Installer\{961C3C01-A1E1-4CD0-8B15-256ED4EA2263}\_install.exe
Fil slettet - C:\WINDOWS\Installer\{AC76BA86-7AD7-1030-7B44-A00000000001}\_install.exe
Fil slettet - C:\WINDOWS\Installer\{C5B9C677-4BE8-11D3-8B01-0008C7797B27}\_install.exe
Fil slettet - C:\WINDOWS\Installer\{C90F3E44-3BF6-11D4-A110-00500405613A}\_install.exe
Fil slettet - C:\WINDOWS\Installer\{F71C0208-1D32-439D-9257-F90F0BAACE6A}\_install.exe
Fil slettet - C:\WINDOWS\Installer\{FCA586EB-8FB0-41A4-B724-13AED3A31A47}\_install.exe
Fil slettet - C:\WINDOWS\msagent\_install.exe
Fil slettet - C:\WINDOWS\mui\_install.exe
Fil slettet - C:\WINDOWS\NV22042208.TMP\_install.exe
Fil slettet - C:\WINDOWS\PCHealth\HelpCtr\Binaries\_install.exe
Fil slettet - C:\WINDOWS\PCHealth\UploadLB\Binaries\_install.exe
Fil slettet - C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\_install.exe
Fil slettet - C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}$BACKUP$\System\_install.exe
Fil slettet - C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\_install.exe
Fil slettet - C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\_install.exe
Fil slettet - C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}$BACKUP$\System\_install.exe
Fil slettet - C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\_install.exe
Fil slettet - C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\_install.exe
Fil slettet - C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\_install.exe
Fil slettet - C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\_install.exe
Fil slettet - C:\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\_install.exe
Fil slettet - C:\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ip\_install.exe
Fil slettet - C:\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\lang\_install.exe
Fil slettet - C:\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\update\_install.exe
Fil slettet - C:\WINDOWS\system\_install.exe
Fil slettet - C:\WINDOWS\system32\_install.exe
Fil slettet - C:\WINDOWS\system32\Com\_install.exe
Fil slettet - C:\WINDOWS\system32\Cult3D\_install.exe
Fil slettet - C:\WINDOWS\system32\dllcache\_install.exe
Fil slettet - C:\WINDOWS\system32\Macromed\Flash\_install.exe
Fil slettet - C:\WINDOWS\system32\Macromed\Shockwave 10\_install.exe
Fil slettet - C:\WINDOWS\system32\npp\_install.exe
Fil slettet - C:\WINDOWS\system32\oobe\_install.exe
Fil slettet - C:\WINDOWS\system32\QuickTime\_install.exe
Fil slettet - C:\WINDOWS\system32\Restore\_install.exe
Fil slettet - C:\WINDOWS\system32\usmt\_install.exe
Fil slettet - C:\WINDOWS\system32\wbem\_install.exe
Fil slettet - C:\WINDOWS\twain_32\QuickCam\_install.exe
Fil slettet - C:\WINDOWS\uninstall\Natula ® Freeware 1\_install.exe
Fil slettet - D:\Acrobat\_install.exe
Fil slettet - D:\Acrobat3\Reader\_install.exe
Fil slettet - D:\André\André\Billeder\Smileys\_install.exe
Fil slettet - D:\André\André\Musik\backups\_install.exe
Fil slettet - D:\André\André\Musik\cm0304Patch415\_install.exe
Fil slettet - D:\André\André\Musik\cm0304Patch4[1].1.4\_install.exe
Fil slettet - D:\André\André\Musik\Ejay\_install.exe
Fil slettet - D:\André\André\Musik\fm2005_demo_alllang_full\_install.exe
Fil slettet - D:\André\André\Musik\install_2_11_F\_install.exe
Fil slettet - D:\André\André\Musik\J-96bulls\_install.exe
Fil slettet - D:\André\André\Musik\kd-50sCourt\_install.exe
Fil slettet - D:\André\André\Musik\morfitt\_install.exe
Fil slettet - D:\André\André\Musik\morfitt\DEMOS\MIRROR\_install.exe
Fil slettet - D:\André\André\Musik\morfitt\DEMOS\MQUAKE3\exe\_install.exe
Fil slettet - D:\André\André\Musik\Musik-Video-filer\_install.exe
Fil slettet - D:\André\André\Musik\racedriverdemo\_install.exe
Fil slettet - D:\André\André\Musik\rookiepack\_install.exe
Fil slettet - D:\André\André\Musik\th-87lakers\_install.exe
Fil slettet - D:\André\André\Musik\th-89pistons\_install.exe
Fil slettet - D:\André\André\Musik\th-96bulls\_install.exe
Fil slettet - D:\André\André\Musik\th-legends_megaupdate\_install.exe
Fil slettet - D:\André\André\Musik\th-legends_pack1\_install.exe
Fil slettet - D:\André\André\Musik\thnb-95rockets\_install.exe
Fil slettet - D:\André\André\Musik\USB-Device-Driver\_install.exe
Fil slettet - D:\André\André\Spywareprogrammer\_install.exe
Fil slettet - D:\CM 03-04\_install.exe
Fil slettet - D:\CM 03-04\Utils\_install.exe
Fil slettet - D:\Cost Calculator\_install.exe
Fil slettet - D:\Distillr\_install.exe
Fil slettet - D:\Documents and Settings\_install.exe
Fil slettet - D:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\_install.exe
Fil slettet - D:\Documents and Settings\All Users\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}\_install.exe
Fil slettet - D:\Documents and Settings\All Users\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}\offline\IFGMGCEMXDBRNGKIMSCSXEISDIFFFF0\_install.exe
Fil slettet - D:\Documents and Settings\All Users\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}\offline\IFIDOSSSTM3OGENEXFWNSSDRFFFFFF0\_install.exe
Fil slettet - D:\Documents and Settings\All Users\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}\offline\IFWIDOSSSTM3LAEEEFINYSIRFFFFFF0\_install.exe
Fil slettet - D:\Documents and Settings\All Users\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}\offline\IFYTMEALEMIPRBMEXFTRGTDRFFFFFF0\_install.exe
Fil slettet - D:\Documents and Settings\All Users\Application Data\{FBDA53F5-763E-4114-A576-612E9769C133}\offline\IFYTMEALEMIPRBMEXFTRGTDRFFFFFF0\_install.exe
Fil slettet - D:\Documents and Settings\All Users\Menuen Start\Programmer\AGPUtil\_install.exe
Fil slettet - D:\Documents and Settings\André\Application Data\LimeWire\.NetworkShare\_install.exe
Fil slettet - D:\Documents and Settings\André\Application Data\Microsoft\Installer\{2FE5DDEF-64E3-45BF-B3E9-39C64905A45C}\_install.exe
Fil slettet - D:\Documents and Settings\André\Application Data\Microsoft\Installer\{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}\_install.exe
Fil slettet - D:\Documents and Settings\André\Skrivebord\Antivirus-pakke\_install.exe
Fil slettet - D:\Documents and Settings\André\Skrivebord\Antivirus-pakke\backups\DE 7 MIRAKULØSE\_install.exe
Fil slettet - D:\Documents and Settings\André\Skrivebord\Antivirus-pakke\smitRem\_install.exe
Fil slettet - D:\EA SPORTS\NBA LIVE 2004\_install.exe
Fil slettet - D:\EA SPORTS\NBA LIVE 2004\Support\_install.exe
Fil slettet - D:\Eidos\CM 03-04\_install.exe
Fil slettet - D:\Eidos\CM 03-04\Utils\_install.exe
Fil slettet - D:\Ereg\_install.exe
Fil slettet - D:\Fractal Maze\_install.exe
Fil slettet - D:\Jokes\_install.exe
Fil slettet - D:\Kyodai Mahjongg\_install.exe
Fil slettet - D:\mplayAB\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\3DO\Heroes3\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\3DO\Heroes3\Heat\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\3DO\Heroes3\ONLINE\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\3DO\Heroes3\Support\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Acclaim Entertainment\Re-Volt Demo\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Acer Advanced MP3 Player Tools 4.0\RDiskUpdate\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Acer Advanced MP3 Player Tools 4.0\RDiskUtility\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Acer Advanced MP3 Player Tools 4.0\SoundConvert\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Adobe\Acrobat 6.0\Reader\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Adobe\Acrobat 6.0\Reader\Updater\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\All Video Joiner\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Anatoli Klassen Software\akFontViewer\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Apple Computer\DVD@ccess\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Ashampoo\Ashampoo WinOptimizer 2004\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Aspyr\MTX MotoTrax Demo\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Aspyr\MTX MotoTrax Demo\Game\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\AVI MPEG RM WMV Joiner\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Azureus\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\BlackBeanGames\SCAR Demo\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Blindskrift\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Blindskrift\Agent Setup\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Calendar Magic\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\CDBurnerXP Pro\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\ClickOff\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Codemasters\Race Driver 2 Demo\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Adobe\Web\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\InstallShield\Driver\7\Intel 32\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\InstallShield\Driver\8\Intel 32\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\InstallShield\Engine\6\Intel 32\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\InstallShield\UpdateService\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Java\Update\Base Images\j2re1.4.2-b28\patch-j2re1.4.2_04-b05\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Java\Update\Base Images\j2re1.4.2-b28\patch-j2re1.4.2_05-b04\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Java\Update\Base Images\j2re1.4.2-b28\patch-j2re1.4.2_06-b03\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_02.b09\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_04.b05\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Logitech\QCDriver\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Logitech\QCDriver\Install\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Logitech\QCDriver2\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Logitech\QCDriver2\Install\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Logitech\QCDriver3\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Logitech\QCDriver3\Install\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Microsoft Shared\dasetup\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Microsoft Shared\MSInfo\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Microsoft Shared\Smart Tag\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Microsoft Shared\Speech\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Microsoft Shared\VS7DEBUG\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\mozilla.org\GRE\1.7.11_2005072806\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\mozilla.org\GRE\1.7.11_2005072806\uninstall\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Common Files\Real\Update\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\CoolSystems\ordbogen.com\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Creative\Shared Files\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\CyberLink\Common\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\CyberLink\PowerDVD\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Davka Corp\DavkaViewer Platinum\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Dictionary\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Disney Interactive\Disneys Tarzan Action Game Demo\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\DivX\DivX\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\EA SPORTS\EA SPORTS online\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\EA SPORTS\NBA LIVE 2004\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\EA SPORTS\Tiger Woods PGA TOUR 2004 Demo\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\EA SPORTS\Tiger Woods PGA TOUR 2004 Demo\Bin\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Easy Movie Splitter\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Eidos\CM 03-04\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Eidos\CM 03-04\Utils\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Elaborate Bytes\CloneDVD2\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\ewido\security suite\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Executive Software\Diskeeper Home Edition Setup\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Firebird\Firebird_1_5\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Firebird\Firebird_1_5\bin\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Firebird\Firebird_1_5\doc\sql.extensions\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\FlasKMPEG\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Gallup Interactive\NetBehaviour\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\GameSpy Arcade\Services\_common\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Google\Gmail Notifier\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Google\Gmail Notifier\G001-1.0.25.0\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Google\Google Earth\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Grisoft\AVG Free\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\GThing\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Helexis\Icon Catcher\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Illustrate\dBpowerAMP\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Infogrames\RollerCoaster Tycoon 2\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\InstallShield Installation Information\{2B34414C-14FB-11D6-A329-0050045C24B2}\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\InstallShield Installation Information\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\InstallShield Installation Information\{84146EF9-4DCB-4321-89AE-EA38956F5FC7}\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\InstallShield Installation Information\{984F10FD-11FD-4BED-8163-92DB81E6A825}\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Internet Explorer\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Internet Explorer\Connection Wizard\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Java\j2re1.4.2_04\bin\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Java\j2re1.4.2_04\javaws\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Java\j2re1.4.2_05\bin\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Java\j2re1.4.2_05\javaws\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Java\j2re1.4.2_06\bin\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Java\j2re1.4.2_06\javaws\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Java\jre1.5.0_02\bin\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Java\jre1.5.0_04\bin\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\LG PC Suite\LG Phone Manager\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Install\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Logitech\Desktop Messenger\8876480\Users\Greg\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Logitech\Desktop Messenger\8876480\Users\Greg\Data\4da8\a9acb3e\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Logitech\Desktop Messenger\8876480\Users\Greg\Data\7b25\a9a3f18\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Logitech\IM Video Companion\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Logitech\ImageStudio\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Logitech\ImageStudio\WME\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Messenger\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Microsoft Games\Motocross Madness 2 Trial\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Movie Maker\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\mozilla.org\Mozilla\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\mozilla.org\Mozilla\components\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\mozilla.org\Mozilla\uninstall\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\MSN\MSNCoreFiles\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\MSN\MSNCoreFiles\Setup\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\MSN\MSNCoreFiles.BAK.{FEC69D39-ADBA-4928-98F0-3571AA97ABDF}\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\MSN\MSNCoreFiles.BAK.{FEC69D39-ADBA-4928-98F0-3571AA97ABDF}\Setup\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\MSN Gaming Zone\Windows\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\MSN Messenger\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\NetMeeting\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\NimoCodec Pack\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\NimoCodec Pack\DirectVobSub\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Outlook Express\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\PJW\SPGuard\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Poker Superstars\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Prismatic Software\DupDetector\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\QuickTime\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Real\RealPlayer\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Real\RealPlayer\Setup\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\RegSupreme\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\SiSLan\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\SlySoft\AnyDVD\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\SmartFTP\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\SmartFTP Setup Files\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Split Join Convert Video\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Spybot - Search & Destroy\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Spybot - Search & Destroy\Updates\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\SpywareBlaster\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\SpywareGuard\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\StartBtn Renamer\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\SuperAudiotool\WAV MP3 Converter\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\SurfSecret\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\THQ\MotoGP URT 3 Demo\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\ToniArts\EasyCleaner\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Trend Micro\PC-cillin 2002\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Virtual Notes\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Windows Media 7 PowerToys\Player\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Windows Media Components\Encoder\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Windows Media Player\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Windows Media Player\Installer\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Windows NT\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Windows NT\Accessories\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Windows NT\Pinball\_install.exe
Fil slettet - D:\Overførte filer fra C\Program Files\Xvideo\_install.exe
Fil slettet - D:\Program Files\Altnet\Download Manager\_install.exe
Fil slettet - D:\Programmer\_install.exe
Fil slettet - D:\Programmer\3DO\Heroes3\_install.exe
Fil slettet - D:\Programmer\3DO\Heroes3\Heat\_install.exe
Fil slettet - D:\Programmer\3DO\Heroes3\mplayAB\_install.exe
Fil slettet - D:\Programmer\3DO\Heroes3\ONLINE\_install.exe
Fil slettet - D:\Programmer\3DO\Heroes3\OnlineAB\_install.exe
Fil slettet - D:\Programmer\3DO\Heroes3\Register\_install.exe
Fil slettet - D:\Programmer\3DO\Heroes3\Support\_install.exe
Fil slettet - D:\Programmer\Active CPU\_install.exe
Fil slettet - D:\Programmer\Adobe\Acrobat 5.0\Acrobat\_install.exe
Fil slettet - D:\Programmer\Adobe\Acrobat 5.0\Distillr\_install.exe
Fil slettet - D:\Programmer\Adobe\Acrobat 5.0\Reader\_install.exe
Fil slettet - D:\Programmer\Adobe\Acrobat 6.0\Reader\_install.exe
Fil slettet - D:\Programmer\Adobe\Acrobat 6.0\Reader\Updater\_install.exe
Fil slettet - D:\Programmer\Antiy Labs\AGuard\_install.exe
Fil slettet - D:\Programmer\Antiy Labs\Alive\_install.exe
Fil slettet - D:\Programmer\Apple Software Update\_install.exe
Fil slettet - D:\Programmer\Attila\_install.exe
Fil slettet - D:\Programmer\BearShare\_install.exe
Fil slettet - D:\Programmer\BearShare\Installer\_install.exe
Fil slettet - D:\Programmer\BearShare Applications\BearShare\_install.exe
Fil slettet - D:\Programmer\BearShare Turbo\_install.exe
Fil slettet - D:\Programmer\Blaze Media Pro\_install.exe
Fil slettet - D:\Programmer\Blindskrift\_install.exe
Fil slettet - D:\Programmer\Blindskrift\Agent Setup\_install.exe
Fil slettet - D:\Programmer\BPFTP Server\_install.exe
Fil slettet - D:\Programmer\C-Media 3D Audio\_install.exe
Fil slettet - D:\Programmer\C-Media 3D Audio\Play3D\_install.exe
Fil slettet - D:\Programmer\Canon\CAL\_install.exe
Fil slettet - D:\Programmer\Canon\CameraWindow\CameraWindowDVC\_install.exe
Fil slettet - D:\Programmer\Canon\CameraWindow\CameraWindowDVC6\_install.exe
Fil slettet - D:\Programmer\Canon\CameraWindow\CameraWindowMC\_install.exe
Fil slettet - D:\Programmer\Canon\CameraWindow\RemoteCaptureTask DC\_install.exe
Fil slettet - D:\Programmer\Canon\CSCLIB\_install.exe
Fil slettet - D:\Programmer\Canon\EOS Utility\_install.exe
Fil slettet - D:\Programmer\Canon\PhotoStitch\_install.exe
Fil slettet - D:\Programmer\Canon\RAW Image Task\_install.exe
Fil slettet - D:\Programmer\Canon\ZoomBrowser EX\Program\_install.exe
Fil slettet - D:\Programmer\CoolSystems\ordbogen.com\_install.exe
Fil slettet - D:\Programmer\Corel\Corel Paint Shop Pro X - Installation Files\_install.exe
Fil slettet - D:\Programmer\Creative\CTDPlugin\_install.exe
Fil slettet - D:\Programmer\Creative\Mouse Optical\_install.exe
Fil slettet - D:\Programmer\Creative\Mouse Optical\bak\_install.exe
Fil slettet - D:\Programmer\Creative\Product Registration\English\_install.exe
Fil slettet - D:\Programmer\Creative\Shared Files\_install.exe
Fil slettet - D:\Programmer\CyberLink\Common\_install.exe
Fil slettet - D:\Programmer\CyberLink\PhotoNow\_install.exe
Fil slettet - D:\Programmer\CyberLink\PowerDVD\_install.exe
Fil slettet - D:\Programmer\EA SPORTS\NBA LIVE 2004\_install.exe
Fil slettet - D:\Programmer\EA SPORTS\NBA LIVE 2004\Support\_install.exe
Fil slettet - D:\Programmer\Family Games\EuroGeo\_install.exe
Fil slettet - D:\Programmer\Fælles filer\Adobe\Web\_install.exe
Fil slettet - D:\Programmer\Fælles filer\Canon\UIW\1.0.0.0\_install.exe
Fil slettet - D:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\_install.exe
Fil slettet - D:\Programmer\Fælles filer\InstallShield\Driver\7\Intel 32\_install.exe
Fil slettet - D:\Programmer\Fælles filer\InstallShield\Driver\8\Intel 32\_install.exe
Fil slettet - D:\Programmer\Fælles filer\InstallShield\Driver\9\Intel 32\_install.exe
Fil slettet - D:\Programmer\Fælles filer\InstallShield\Engine\6\Intel 32\_install.exe
Fil slettet - D:\Programmer\Fælles filer\InstallShield\Professional\RunTime\0701\Intel32\_install.exe
Fil slettet - D:\Programmer\Fælles filer\InstallShield\Professional\RunTime\09\01\Intel32\_install.exe
Fil slettet - D:\Programmer\Fælles filer\InstallShield\Professional\RunTime\11\00\Intel32\_install.exe
Fil slettet - D:\Programmer\Fælles filer\InstallShield\UpdateService\_install.exe
Fil slettet - D:\Programmer\Fælles filer\InterVideo\DVD7\InterActual\_install.exe
Fil slettet - D:\Programmer\Fælles filer\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_04.b05\_install.exe
Fil slettet - D:\Programmer\Fælles filer\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_06.b05\_install.exe
Fil slettet - D:\Programmer\Fælles filer\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_10.b03\_install.exe
Fil slettet - D:\Programmer\Fælles filer\Microsoft Shared\MSInfo\_install.exe
Fil slettet - D:\Programmer\Fælles filer\Microsoft Shared\Smart Tag\_install.exe
Fil slettet - D:\Programmer\Fælles filer\Microsoft Shared\Speech\_install.exe
Fil slettet - D:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\_install.exe
Fil slettet - D:\Programmer\Gads Bogskab\_install.exe
Fil slettet - D:\Programmer\Google\_install.exe
Fil slettet - D:\Programmer\Google\Common\Google Updater\_install.exe
Fil slettet - D:\Programmer\Google\Google Desktop Search\_install.exe
Fil slettet - D:\Programmer\Google\GoogleToolbarNotifier\_install.exe
Fil slettet - D:\Programmer\Grisoft\AVG Anti-Spyware 7.5\_install.exe
Fil slettet - D:\Programmer\GTs Betting Calculator 3.01\_install.exe
Fil slettet - D:\Programmer\IE Privacy Keeper\_install.exe
Fil slettet - D:\Programmer\ImTOO\MPEG Encoder 3\_install.exe
Fil slettet - D:\Programmer\InstallShield Installation Information\{2EBA5473-558B-462C-AEE4-FE50FA799F2A}\_install.exe
Fil slettet - D:\Programmer\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\_install.exe
Fil slettet - D:\Programmer\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\_install.exe
Fil slettet - D:\Programmer\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\_install.exe
Fil slettet - D:\Programmer\InstallShield Installation Information\{B023185F-F1EF-4F97-B0BD-AE6D802226D1}\_install.exe
Fil slettet - D:\Programmer\InstallShield Installation Information\{B97CF5C3-0487-11D8-A36E-0050BAE317E1}\_install.exe
Fil slettet - D:\Programmer\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\_install.exe
Fil slettet - D:\Programmer\InstallShield Installation Information\{E0AD4033-D89B-11D7-97C2-00055D0CA761}\_install.exe
Fil slettet - D:\Programmer\InstallShield Installation Information\{E2D27B84-6365-11D6-9BAF-0090271AF8A4}\_install.exe
Fil slettet - D:\Programmer\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\_install.exe
Fil slettet - D:\Programmer\Internet Explorer\_install.exe
Fil slettet - D:\Programmer\Internet Explorer\Connection Wizard\_install.exe
Fil slettet - D:\Programmer\Internet Explorer\IE Uninstall\_install.exe
Fil slettet - D:\Programmer\Internet Explorer\W2K\_install.exe
Fil slettet - D:\Programmer\iPod\bin\_install.exe
Fil slettet - D:\Programmer\iTunes\_install.exe
Fil slettet - D:\Programmer\iTunes\bak\_install.exe
Fil slettet - D:\Programmer\Java\jre1.5.0_04\bin\_install.exe
Fil slettet - D:\Programmer\Java\jre1.5.0_06\bin\_install.exe
Fil slettet - D:\Programmer\Java\jre1.5.0_10\bin\_install.exe
Fil slettet - D:\Programmer\Java\jre1.5.0_10\bin\bak\_install.exe
Fil slettet - D:\Programmer\Kazaa\My Shared Folder\_install.exe
Fil slettet - D:\Programmer\Lavasoft\Ad-Aware 2007\_install.exe
Fil slettet - D:\Programmer\LimeWire\_install.exe
Fil slettet - D:\Programmer\Messenger\_install.exe
Fil slettet - D:\Programmer\Microsoft ActiveSync\_install.exe
Fil slettet - D:\Programmer\Microsoft Games\Motocross Madness 2 Trial\_install.exe
Fil slettet - D:\Programmer\MindSoft\MindSoft Utilities XP 8.2\_install.exe
Fil slettet - D:\Programmer\Movie Maker\_install.exe
Fil slettet - D:\Programmer\Mozilla Firefox\_install.exe
Fil slettet - D:\Programmer\Mozilla Firefox\plugins\_install.exe
Fil slettet - D:\Programmer\Mozilla Firefox\uninstall\_install.exe
Fil slettet - D:\Programmer\MP3 Player Utilities V1.28\RDiskUpdate\_install.exe
Fil slettet - D:\Programmer\MP3 Player Utilities V1.28\RDiskUtility\_install.exe
Fil slettet - D:\Programmer\MP3 Player Utilities V1.28\SoundConvert\_install.exe
Fil slettet - D:\Programmer\MSN\MSNCoreFiles\_install.exe
Fil slettet - D:\Programmer\MSN\MSNCoreFiles\Setup\_install.exe
Fil slettet - D:\Programmer\MSN Gaming Zone\Windows\_install.exe
Fil slettet - D:\Programmer\MSN Messenger\_install.exe
Fil slettet - D:\Programmer\MSN Messenger\Device Manager\_install.exe
Fil slettet - D:\Programmer\Musicmatch\Musicmatch Jukebox\_install.exe
Fil slettet - D:\Programmer\Musicmatch\Musicmatch Update\_install.exe
Fil slettet - D:\Programmer\Musicmatch\Musicmatch Update\DLM\_install.exe
Fil slettet - D:\Programmer\Musicmatch\Musicmatch Update\MMJB\_install.exe
Fil slettet - D:\Programmer\Musicmatch\Musicmatch Update\MMJB\TDM\_install.exe
Fil slettet - D:\Programmer\Musicmatch\Musicmatch Update\MMJB\WMDMDist\_install.exe
Fil slettet - D:\Programmer\Musicmatch\Musicmatch Update\MMJB\WMFDist\_install.exe
Fil slettet - D:\Programmer\Musicmatch\Musicmatch Update\TDM\_install.exe
Fil slettet - D:\Programmer\NetMeeting\_install.exe
Fil slettet - D:\Programmer\Outlook Express\_install.exe
Fil slettet - D:\Programmer\Phex_0.9.0.44\_install.exe
Fil slettet - D:\Programmer\QuickTime\_install.exe
Fil slettet - D:\Programmer\QuickTime\bak\_install.exe
Fil slettet - D:\Programmer\QuickTime\QTSystem\_install.exe
Fil slettet - D:\Programmer\Registry Mechanic\_install.exe
Fil slettet - D:\Programmer\Registry Mechanic\backup\_install.exe
Fil slettet - D:\Programmer\Robusst.ws\ISB\_install.exe
Fil slettet - D:\Programmer\Rockstar Games\Grand Theft Auto Vice City\_install.exe
Fil slettet - D:\Programmer\SiSLan\_install.exe
Fil slettet - D:\Programmer\Skype\Phone\_install.exe
Fil slettet - D:\Programmer\SoftwareRevenue.org\_install.exe
Fil slettet - D:\Programmer\SpywareBlaster\_install.exe
Fil slettet - D:\Programmer\Support\_install.exe
Fil slettet - D:\Programmer\ToniArts\EasyCleaner\_install.exe
Fil slettet - D:\Programmer\Trend Micro\PC-cillin 2002\_install.exe
Fil slettet - D:\Programmer\Trend Micro\PC-cillin 2002\bak\_install.exe
Fil slettet - D:\Programmer\UltimateZip 2.7\_install.exe
Fil slettet - D:\Programmer\VirtualDub\_install.exe
Fil slettet - D:\Programmer\Windows Media Player\_install.exe
Fil slettet - D:\Programmer\Windows NT\_install.exe
Fil slettet - D:\Programmer\Windows NT\Tilbehør\_install.exe
Fil slettet - D:\Programmer\Yahoo!\Common\_install.exe
Fil slettet - D:\Programmer\Yahoo!\Installs\_install.exe
Fil slettet - D:\Reader\_install.exe
Fil slettet - D:\Register\_install.exe
Fil slettet - D:\Support\_install.exe
Fil slettet - D:\Themes\_install.exe
Fil slettet - D:\WINDOWS\_install.exe
Fil slettet - D:\WINDOWS\$MSI31Uninstall_KB893803$\_install.exe
Fil slettet - D:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\_install.exe
Fil slettet - D:\WINDOWS\$NtServicePackUninstall$\_install.exe
Fil slettet - D:\WINDOWS\$NtServicePackUninstall$\spuninst\_install.exe
Fil slettet - D:\WINDOWS\$NtUninstallKB842773$\spuninst\_install.exe
Fil slettet - D:\WINDOWS\bak\_install.exe
Fil slettet - D:\WINDOWS\Cache\Adobe Reader 6.0\DANBIG\_install.exe
Fil slettet - D:\WINDOWS\Downloaded Installations\{501BADCD-F8F7-44CB-AC3F-6ED25C1A28B5}\_install.exe
Fil slettet - D:\WINDOWS\Downloaded Installations\{54C0D94A-F467-4ABC-9D02-6E58748668D4}\_install.exe
Fil slettet - D:\WINDOWS\Downloaded Installations\{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}\_install.exe
Fil slettet - D:\WINDOWS\Downloaded Program Files\_install.exe
Fil slettet - D:\WINDOWS\Easy CD-DA Extractor\_install.exe
Fil slettet - D:\WINDOWS\ehome\_install.exe
Fil slettet - D:\WINDOWS\Help\Tours\mmTour\_install.exe
Fil slettet - D:\WINDOWS\inf\_install.exe
Fil slettet - D:\WINDOWS\Installationsfiler til Windows Update\_install.exe
Fil slettet - D:\WINDOWS\Installer\{1CB92574-96F2-467B-B793-5CEB35C40C29}\_install.exe
Fil slettet - D:\WINDOWS\Installer\{350C97C6-3D7C-4EE8-BAA9-00BCB3D54227}\_install.exe
Fil slettet - D:\WINDOWS\Installer\{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}\_install.exe
Fil slettet - D:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\_install.exe
Fil slettet - D:\WINDOWS\Installer\{49FC50FC-F965-40D9-89B4-CBFF80941033}\_install.exe
Fil slettet - D:\WINDOWS\Installer\{53480370-6CA2-47EC-BC05-02B4B9271C31}\_install.exe
Fil slettet - D:\WINDOWS\Installer\{716E0306-8318-4364-8B8F-0CC4E9376BAC}\_install.exe
Fil slettet - D:\WINDOWS\Installer\{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}\_install.exe
Fil slettet - D:\WINDOWS\Installer\{8F5B0B2A-5EE7-4DF5-9405-1A985C377EAF}\_install.exe
Fil slettet - D:\WINDOWS\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\_install.exe
Fil slettet - D:\WINDOWS\Installer\{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}\_install.exe
Fil slettet - D:\WINDOWS\Installer\{AC76BA86-7AD7-1030-7B44-000000000001}\_install.exe
Fil slettet - D:\WINDOWS\Installer\{C5B9C677-4BE8-11D3-8B01-0008C7797B27}\_install.exe
Fil slettet - D:\WINDOWS\Installer\{C90F3E44-3BF6-11D4-A110-00500405613A}\_install.exe
Fil slettet - D:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\_install.exe
Fil slettet - D:\WINDOWS\Installer\{F71C0208-1D32-439D-9257-F90F0BAACE6A}\_install.exe
Fil slettet - D:\WINDOWS\msagent\_install.exe
Fil slettet - D:\WINDOWS\PCHEALTH\HELPCTR\Binaries\_install.exe
Fil slettet - D:\WINDOWS\PCHEALTH\UploadLB\Binaries\_install.exe
Fil slettet - D:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\_install.exe
Fil slettet - D:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}$BACKUP$\System\_install.exe
Fil slettet - D:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\_install.exe
Fil slettet - D:\WINDOWS\RegisteredPackages\{60BFF50D-FB2C-4498-A577-C9548C390BB9}\_install.exe
Fil slettet - D:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\_install.exe
Fil slettet - D:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\_install.exe
Fil slettet - D:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\_install.exe
Fil slettet - D:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\_install.exe
Fil slettet - D:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\_install.exe
Fil slettet - D:\WINDOWS\ServicePackFiles\i386\_install.exe
Fil slettet - D:\WINDOWS\ServicePackFiles\i386\lang\_install.exe
Fil slettet - D:\WINDOWS\system\_install.exe
Fil slettet - D:\WINDOWS\system32\_install.exe
Fil slettet - D:\WINDOWS\system32\Com\_install.exe
Fil slettet - D:\WINDOWS\system32\dllcache\_install.exe
Fil slettet - D:\WINDOWS\system32\Macromed\Flash\_install.exe
Fil slettet - D:\WINDOWS\system32\Macromed\Shockwave 10\_install.exe
Fil slettet - D:\WINDOWS\system32\npp\_install.exe
Fil slettet - D:\WINDOWS\system32\oobe\_install.exe
Fil slettet - D:\WINDOWS\system32\Restore\_install.exe
Fil slettet - D:\WINDOWS\system32\usmt\_install.exe
Fil slettet - D:\WINDOWS\system32\wbem\_install.exe
Fil slettet - D:\Yahtzee\_install.exe

Synes godt om

fromsej Praktikant

01. januar 2008 - 10:40 #39

Det tog forhåbentlig det rå.

Dobbeltklik på FindAWF.exe
Skriv 1. Så kører scanningen

Det vil tage lidt tid for at fuldføre scanningen.
Når scanningen er færdig åbner notesblok med en txt fil der hedder AWF.txt som bliver gemt på skrivebordet

Send AWF.txt loggen herind i dit næste svar

Synes godt om

djgreg Nybegynder

01. januar 2008 - 14:58 #40

Synes godt om

fromsej Praktikant

01. januar 2008 - 18:33 #41

Klik på FindAWF ikonet igen
Skriv - 2 -> (to restore files from bak folders) - tryk Enter

En text fil åbner med navnet: files.txt
Kopiér indholdet mellem de stiplede linier ind: ( Det er kun et eksempel)
---------------------------------------

D:\WINDOWS\bak\SiSUSBrg.exe
D:\Programmer\iTunes\ituneshelper.exe
D:\Programmer\iTunes\bak\iTunesHelper.exe
D:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe
D:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe
D:\Programmer\Microsoft ActiveSync\WCESCOMM.EXE
D:\Programmer\Microsoft ActiveSync\bak\WCESCOMM.EXE
D:\Programmer\QuickTime\qttask.exe
D:\Programmer\QuickTime\bak\qttask.exe
D:\Programmer\Creative\Mouse Optical\mouse_2k.exe
D:\Programmer\Creative\Mouse Optical\bak\mouse_2k.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
D:\Programmer\Trend Micro\PC-cillin 2002\bak\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
D:\Overf›rte filer fra C\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
D:\Programmer\Trend Micro\PC-cillin 2002\bak\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
D:\Overf›rte filer fra C\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
D:\Programmer\Trend Micro\PC-cillin 2002\bak\Pop3trap.exe
D:\Programmer\Java\jre1.5.0_04\bin\jusched.exe
D:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
D:\Overf›rte filer fra C\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
D:\Overf›rte filer fra C\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
D:\Overf›rte filer fra C\Program Files\Java\jre1.5.0_04\bin\jusched.exe
D:\Overf›rte filer fra C\Program Files\Java\jre1.5.0_02\bin\jusched.exe
D:\Programmer\Java\jre1.5.0_10\bin\bak\jusched.exe

---------------------------------------------

Derefter, luk filen og sig ja til gemme ændringerne.
Når files.txt er gemt, gør FindAWF følgende:

Sletter de inficerede filer fra de respektive mapper.
Kopierer de originale filer til de rigtige mapper
Derefter kører den en ny scan, og åbner en ny log.
Kopier denne log herind i næste svar.

Synes godt om

djgreg Nybegynder

01. januar 2008 - 19:20 #42

Find AWF report by noahdfear ©2006
Version 1.40
Option 2 run successfully

bak folders found
~~~~~~~~~~~

Disken i drev C har ikke noget navn.
Diskens serienummer er 08CD-147E

Indhold af C:\PROGRA~1\MSNMES~1\BAK

0 fil(er) 0 byte
2 mappe(r) 7,119,806,464 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\WINDOWS\BAK

2002-07-12 11:15 106,496 SiSUSBrg.exe
1 fil(er) 106,496 byte
2 mappe(r) 25,596,342,272 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\ITUNES\BAK

2006-10-30 09:36 256,576 iTunesHelper.exe
1 fil(er) 256,576 byte
2 mappe(r) 25,596,338,176 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\MI3AA1~1\BAK

2004-02-24 14:07 401,491 WCESCOMM.EXE
1 fil(er) 401,491 byte
2 mappe(r) 25,596,338,176 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\QUICKT~1\BAK

2006-10-25 18:58 282,624 qttask.exe
1 fil(er) 282,624 byte
2 mappe(r) 25,596,338,176 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\CREATIVE\MOUSEO~1\BAK

2003-09-07 19:41 503,808 mouse_2k.exe
1 fil(er) 503,808 byte
2 mappe(r) 25,596,338,176 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\TRENDM~1\PC-CIL~1\BAK

2002-07-18 16:12 327,680 PCCClient.exe
2002-07-18 16:18 258,048 pccguide.exe
2002-07-18 16:15 307,266 Pop3trap.exe
3 fil(er) 892,994 byte
2 mappe(r) 25,596,338,176 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\FLLESF~1\AHEAD\LIB\BAK

0 fil(er) 0 byte
2 mappe(r) 25,596,338,176 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\JAVA\JRE15~1.0_1\BIN\BAK

2006-11-09 15:07 49,263 jusched.exe
1 fil(er) 49,263 byte
2 mappe(r) 25,596,338,176 byte ledig

Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

106496 12 Jul 2002 "D:\WINDOWS\SiSUSBrg.exe"
106496 12 Jul 2002 "D:\WINDOWS\bak\SiSUSBrg.exe"
256576 30 Oct 2006 "D:\Programmer\iTunes\iTunesHelper.exe"
256576 30 Oct 2006 "D:\Programmer\iTunes\bak\iTunesHelper.exe"
102400 2 Jun 2007 "D:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 30 Oct 2006 "D:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
0 5 Jun 2003 "D:\Programmer\Microsoft ActiveSync\WCESCOMM.EXE"
401491 24 Feb 2004 "D:\Programmer\Microsoft ActiveSync\bak\WCESCOMM.EXE"
282624 25 Oct 2006 "D:\Programmer\QuickTime\qttask.exe"
282624 25 Oct 2006 "D:\Programmer\QuickTime\bak\qttask.exe"
0 5 Jun 2003 "D:\Programmer\Creative\Mouse Optical\mouse_2k.exe"
503808 7 Sep 2003 "D:\Programmer\Creative\Mouse Optical\bak\mouse_2k.exe"
327680 18 Jul 2002 "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
327680 18 Jul 2002 "D:\Overf›rte filer fra C\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
327680 18 Jul 2002 "D:\Programmer\Trend Micro\PC-cillin 2002\bak\PCCClient.exe"
258048 18 Jul 2002 "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
258048 18 Jul 2002 "D:\Overf›rte filer fra C\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
258048 18 Jul 2002 "D:\Programmer\Trend Micro\PC-cillin 2002\bak\pccguide.exe"
307266 18 Jul 2002 "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
307266 18 Jul 2002 "D:\Overf›rte filer fra C\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
307266 18 Jul 2002 "D:\Programmer\Trend Micro\PC-cillin 2002\bak\Pop3trap.exe"
36975 3 Jun 2005 "D:\Programmer\Java\jre1.5.0_04\bin\jusched.exe"
49263 9 Nov 2006 "D:\Programmer\Java\jre1.5.0_10\bin\jusched.exe"
36975 10 Nov 2005 "D:\Programmer\Java\jre1.5.0_06\bin\jusched.exe"
32881 28 Sep 2004 "D:\Overf›rte filer fra C\Program Files\Java\j2re1.4.2_06\bin\jusched.exe"
32881 3 Jun 2004 "D:\Overf›rte filer fra C\Program Files\Java\j2re1.4.2_05\bin\jusched.exe"
36975 3 Jun 2005 "D:\Overf›rte filer fra C\Program Files\Java\jre1.5.0_04\bin\jusched.exe"
36975 4 Mar 2005 "D:\Overf›rte filer fra C\Program Files\Java\jre1.5.0_02\bin\jusched.exe"
49263 9 Nov 2006 "D:\Programmer\Java\jre1.5.0_10\bin\bak\jusched.exe"

end of report

Synes godt om

djgreg Nybegynder

01. januar 2008 - 22:34 #43

I øvrigt er jeg åbenbart ikke administrator på min computer. Jeg kan ikke gå ind i kontrolpanelet, idet jeg får denne besked når jeg prøver:

Begrænsninger

Denne handling er blevet annulleret på grund af begrænsninger på computeren. Kontakt systemadministratoren

Synes godt om

magictouch Nybegynder

02. januar 2008 - 07:20 #44

Fromsej er forhindret i dag, så jeg er "udnævnt" til substitut så længe. Kør lige samme procedure igen, på en lidt anden måde

Klik FindAWF ikonet igen

Skriv - 2 -> to restore files from bak folders - tryk Enter

En text fil åbner med navnet: files.txt
Kopiér indholdet mellem de stiplede linier ind-

---------------------------------------

D:\Programmer\Microsoft ActiveSync\bak
D:\Programmer\QuickTime\bak
D:\Programmer\Creative\Mouse Optical\bak
D:\Programmer\Trend Micro\PC-cillin 2002\bak
D:\Programmer\Trend Micro\PC-cillin 2002\bak
D:\Programmer\Trend Micro\PC-cillin 2002\bak
D:\Programmer\Java\jre1.5.0_10\bin\bak
D:\WINDOWS\bak

---------------------------------------------

Derefter, luk filen og sig ja til ændringerne.

Så kører den en ny scan, og åbner en ny log.

Kopier denne log herind i næste svar

Synes godt om

djgreg Nybegynder

02. januar 2008 - 09:19 #45

Find AWF report by noahdfear ©2006
Version 1.40
Option 2 run successfully

bak folders found
~~~~~~~~~~~

Disken i drev C har ikke noget navn.
Diskens serienummer er 08CD-147E

Indhold af C:\PROGRA~1\MSNMES~1\BAK

0 fil(er) 0 byte
2 mappe(r) 7,119,806,464 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\WINDOWS\BAK

0 fil(er) 0 byte
2 mappe(r) 25,574,457,344 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\ITUNES\BAK

2006-10-30 09:36 256,576 iTunesHelper.exe
1 fil(er) 256,576 byte
2 mappe(r) 25,574,453,248 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\MI3AA1~1\BAK

2004-02-24 14:07 401,491 WCESCOMM.EXE
1 fil(er) 401,491 byte
2 mappe(r) 25,574,453,248 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\QUICKT~1\BAK

0 fil(er) 0 byte
2 mappe(r) 25,574,453,248 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\CREATIVE\MOUSEO~1\BAK

2003-09-07 19:41 503,808 mouse_2k.exe
1 fil(er) 503,808 byte
2 mappe(r) 25,574,453,248 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\TRENDM~1\PC-CIL~1\BAK

2002-07-18 16:12 327,680 PCCClient.exe
2002-07-18 16:18 258,048 pccguide.exe
2002-07-18 16:15 307,266 Pop3trap.exe
3 fil(er) 892,994 byte
2 mappe(r) 25,574,453,248 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\FLLESF~1\AHEAD\LIB\BAK

0 fil(er) 0 byte
2 mappe(r) 25,574,453,248 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\JAVA\JRE15~1.0_1\BIN\BAK

0 fil(er) 0 byte
2 mappe(r) 25,574,453,248 byte ledig

Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

256576 30 Oct 2006 "D:\Programmer\iTunes\iTunesHelper.exe"
256576 30 Oct 2006 "D:\Programmer\iTunes\bak\iTunesHelper.exe"
102400 2 Jun 2007 "D:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 30 Oct 2006 "D:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
0 5 Jun 2003 "D:\Programmer\Microsoft ActiveSync\WCESCOMM.EXE"
401491 24 Feb 2004 "D:\Programmer\Microsoft ActiveSync\bak\WCESCOMM.EXE"
0 5 Jun 2003 "D:\Programmer\Creative\Mouse Optical\mouse_2k.exe"
503808 7 Sep 2003 "D:\Programmer\Creative\Mouse Optical\bak\mouse_2k.exe"
327680 18 Jul 2002 "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
327680 18 Jul 2002 "D:\Overf›rte filer fra C\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
327680 18 Jul 2002 "D:\Programmer\Trend Micro\PC-cillin 2002\bak\PCCClient.exe"
258048 18 Jul 2002 "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
258048 18 Jul 2002 "D:\Overf›rte filer fra C\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
258048 18 Jul 2002 "D:\Programmer\Trend Micro\PC-cillin 2002\bak\pccguide.exe"
307266 18 Jul 2002 "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
307266 18 Jul 2002 "D:\Overf›rte filer fra C\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
307266 18 Jul 2002 "D:\Programmer\Trend Micro\PC-cillin 2002\bak\Pop3trap.exe"

end of report

Synes godt om

magictouch Nybegynder

02. januar 2008 - 13:21 #46

Kopiér indholdet mellem de bølgede linier ind i et notepad-vindue, og gem filen med navnet CFScript.txt. Når du gemmer, skal du sikre, at der under "filtyper" står "alle filer".

~~~~~~~~~~~~~~~~~~~~~~~~~~

KILLALL::

Snapshot::

Folder::
D:\Programmer\iTunes\bak
D:\Programmer\Microsoft ActiveSync\bak
D:\Programmer\Creative\Mouse Optical\bak
D:\Programmer\Trend Micro\PC-cillin 2002\bak
D:\Programmer\Trend Micro\PC-cillin 2002\bak
D:\Programmer\Trend Micro\PC-cillin 2002\bak

~~~~~~~~~~~~~~~~~~~~~~~~~~
Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen. - Som vist her - >>> http://www.fromsej.saknet.dk/billeder/cfscript.gif

Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.

Send en ny combofix log herind sammen med en ny AWF log, efter du har valgt/kørt Nr. 3

Synes godt om

djgreg Nybegynder

02. januar 2008 - 15:28 #47

Altså jeg kørte combofix, men da computeren tændte igen genstartede den, og dermed kom der ingen log. Jeg tror dog den fik gjort arbejdet færdigt idet mit kontrolpanel er tilbage. Her er AWF'en. Jeg lukkede bare den notepad som kom op ned igen uden indhold og lod den køre i 3'eren.

Find AWF report by noahdfear ©2006
Version 1.40
Option 2 run successfully

bak folders found
~~~~~~~~~~~

Disken i drev C har ikke noget navn.
Diskens serienummer er 08CD-147E

Indhold af C:\PROGRA~1\MSNMES~1\BAK

0 fil(er) 0 byte
2 mappe(r) 7,119,806,464 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\WINDOWS\BAK

2002-07-12 11:15 106,496 SiSUSBrg.exe
1 fil(er) 106,496 byte
2 mappe(r) 25,596,342,272 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\ITUNES\BAK

2006-10-30 09:36 256,576 iTunesHelper.exe
1 fil(er) 256,576 byte
2 mappe(r) 25,596,338,176 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\MI3AA1~1\BAK

2004-02-24 14:07 401,491 WCESCOMM.EXE
1 fil(er) 401,491 byte
2 mappe(r) 25,596,338,176 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\QUICKT~1\BAK

2006-10-25 18:58 282,624 qttask.exe
1 fil(er) 282,624 byte
2 mappe(r) 25,596,338,176 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\CREATIVE\MOUSEO~1\BAK

2003-09-07 19:41 503,808 mouse_2k.exe
1 fil(er) 503,808 byte
2 mappe(r) 25,596,338,176 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\TRENDM~1\PC-CIL~1\BAK

2002-07-18 16:12 327,680 PCCClient.exe
2002-07-18 16:18 258,048 pccguide.exe
2002-07-18 16:15 307,266 Pop3trap.exe
3 fil(er) 892,994 byte
2 mappe(r) 25,596,338,176 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\FLLESF~1\AHEAD\LIB\BAK

0 fil(er) 0 byte
2 mappe(r) 25,596,338,176 byte ledig
Disken i drev D har ikke noget navn.
Diskens serienummer er CCC1-4508

Indhold af D:\PROGRA~1\JAVA\JRE15~1.0_1\BIN\BAK

2006-11-09 15:07 49,263 jusched.exe
1 fil(er) 49,263 byte
2 mappe(r) 25,596,338,176 byte ledig

Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

106496 12 Jul 2002 "D:\WINDOWS\SiSUSBrg.exe"
106496 12 Jul 2002 "D:\WINDOWS\bak\SiSUSBrg.exe"
256576 30 Oct 2006 "D:\Programmer\iTunes\iTunesHelper.exe"
256576 30 Oct 2006 "D:\Programmer\iTunes\bak\iTunesHelper.exe"
102400 2 Jun 2007 "D:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 30 Oct 2006 "D:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
0 5 Jun 2003 "D:\Programmer\Microsoft ActiveSync\WCESCOMM.EXE"
401491 24 Feb 2004 "D:\Programmer\Microsoft ActiveSync\bak\WCESCOMM.EXE"
282624 25 Oct 2006 "D:\Programmer\QuickTime\qttask.exe"
282624 25 Oct 2006 "D:\Programmer\QuickTime\bak\qttask.exe"
0 5 Jun 2003 "D:\Programmer\Creative\Mouse Optical\mouse_2k.exe"
503808 7 Sep 2003 "D:\Programmer\Creative\Mouse Optical\bak\mouse_2k.exe"
327680 18 Jul 2002 "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
327680 18 Jul 2002 "D:\Overf›rte filer fra C\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
327680 18 Jul 2002 "D:\Programmer\Trend Micro\PC-cillin 2002\bak\PCCClient.exe"
258048 18 Jul 2002 "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
258048 18 Jul 2002 "D:\Overf›rte filer fra C\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
258048 18 Jul 2002 "D:\Programmer\Trend Micro\PC-cillin 2002\bak\pccguide.exe"
307266 18 Jul 2002 "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
307266 18 Jul 2002 "D:\Overf›rte filer fra C\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
307266 18 Jul 2002 "D:\Programmer\Trend Micro\PC-cillin 2002\bak\Pop3trap.exe"
36975 3 Jun 2005 "D:\Programmer\Java\jre1.5.0_04\bin\jusched.exe"
49263 9 Nov 2006 "D:\Programmer\Java\jre1.5.0_10\bin\jusched.exe"
36975 10 Nov 2005 "D:\Programmer\Java\jre1.5.0_06\bin\jusched.exe"
32881 28 Sep 2004 "D:\Overf›rte filer fra C\Program Files\Java\j2re1.4.2_06\bin\jusched.exe"
32881 3 Jun 2004 "D:\Overf›rte filer fra C\Program Files\Java\j2re1.4.2_05\bin\jusched.exe"
36975 3 Jun 2005 "D:\Overf›rte filer fra C\Program Files\Java\jre1.5.0_04\bin\jusched.exe"
36975 4 Mar 2005 "D:\Overf›rte filer fra C\Program Files\Java\jre1.5.0_02\bin\jusched.exe"
49263 9 Nov 2006 "D:\Programmer\Java\jre1.5.0_10\bin\bak\jusched.exe"

end of report

Synes godt om

magictouch Nybegynder

02. januar 2008 - 15:49 #48

Det lyder godt :-) Kør AWF igen, vælg nr 4.

Men kør lige et par scanninger mere, for en sikkerheds skyld -

Download free Trial af SuperAntiSpyware Pro til Skrivebordet:

http://www.superantispyware.com/downloads/SUPERAntiSpywarePro1241.exe

Installer den, og lad den opdatere med nyeste opdateringer.

Så vil den spørge om din mail adresse, det er op til dig selv om du vil udfylde det.Tryk så på Næste og Næste igen -Udfør.

Dansk vejledning her:
http://www.spywarefri.dk/manualer/superantispyware-manual.htm

Luk progammet.

Hent Ccleaner: [url="http://www.ccleaner.com/ccdownload.asp"]
[red]Ccleaner[/red][/url]
Installer programmet, men lad vær med at køre det endnu!
Husk at vælge dansk ved installationen.
Fjern flueben ved - Tilføj Yahoo Toolbar. Hvis du ikke ønsker den.
Ccleaner programmet fjerner overflødige Temp filer.
Og gør de nedenstående scanninger hurtigere

Dansk manual:
[url="http://spywareinfo.dk/#/manualer/ccleaner.htm"]
[blue]Ccleaner manual[/blue] [/url]

Download cureit til skrivebordet ->ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

[green]Jeg vil foreslå at du printer nedenstående ud, da du ikke kan se vejledingen i fejlsikret tilstand[/green]

Genstart til fejlsikret tilstand. Du trykker F8 nogle gange når Windows starter op.

Kør CCleaner.
Tryk så på "Renser" i menuen i venstre side.
Nu skal du trykke på knappen "Kør Cleaner" - det gør du mindst 2 gange.
Luk programmet.

Dobbeltklik på drweb-cureit.exe, klik på Start - i den boks der popper op, den vil køre en expressscan, det siger du OK til.

Første gang Dr.Web finder noget, klik "Yes to All", så fjerner den hvad den finder.

Når den skriver Done nederst til venstre, skal du klikke på Options->Change settings.

Tryk på fanebladet Scan, fjern fluebenet ved Heuristic analysis.

Skift til fanebladet Actions, her skal alle punkter under Malware sættes til Rename.
Tryk på - Anvend. Luk Actions - fanebladet ved at trykke på det firkantede kryds i øverste højre hjørne.

Tryk på Scan - fanen. Flyt så prikken i Express Scan ned til Complete Scan,tyk så på den grønne pil til pil til højre så starter scanningen.
Første gang Dr.Web finder noget, klik "Yes to All", så fjerner den hvad den finder.
Når scanningen er færdig, gå op i file – Tryk på- Save Report list. Gem filen på skrivebordet.

Så ligger der en en fil der her hedder "drweb.csv" på skrivebordet.

Luk Programmet.

NB. Under scanningen popper der en boks op med - Buy -den boks lukker du bare ned

Start superantispyware, klik på Scan your Computer, sæt flueben i de drev der skal scannes.
(Fixed disk betyder harddisk)
Flyt prikken til Perform complete scan og klik på Næste, så kører scanningen.

Når den er færdig kommer der et vindue med en opsummering, klik på OK, klik så på næste og så på Udfør.

Der kommer et vindue med Quarantine and removal Complete, klik på OK, klik på Udfør.
Luk programmet.

Genstart normalt.

Start superantispyware igen, klik på Preferences, skift til fanebladet Statistics/Logs, i vinduet dobbeltklikker du på SUPERAntiSpyware Scan Log, den åbner i notesblok, kopier resultatet herind.
Dobbeltklik på drweb.csv og kopier teksten fra den herind.

Sammen med en ny hijackthis log, SUPERAntiSpyware Scan Log og fortæl hvordan computeren kører nu

Synes godt om

djgreg Nybegynder

02. januar 2008 - 23:40 #49

Nettet lader til at fungere. Jeg har dog 2 primære problemer. Mit trådløse tastatur fungerer ikke, f.eks. når jeg vil skrive et punktum kommer der en apostrof osv. Jeg bruger nu et med ledning jeg har sat til vedsiden af. Desuden fungerer Windows Live Messenger heller ikke, hvilket det ikke har gjort i et stykke tid nu. Det fungerede dog før vi startede på alt det her. Men ellers kører den ret godt, ingen virusskilte mere. Her kommer logsne.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/02/2008 at 11:20 PM

Application Version : 3.7.1018

Core Rules Database Version : 3222
Trace Rules Database Version: 1233

Scan type : Complete Scan
Total Scan Time : 01:02:57

Memory items scanned : 158
Memory threats detected : 0
Registry items scanned : 6043
Registry threats detected : 0
File items scanned : 61602
File threats detected : 0

dr.web:

bldy332e-15e.sys d:\windows\system32 Trojan.Spambot.2386 Deleted.
lor03.sys d:\windows\system32\drivers BackDoor.Bulknet.112 Deleted.
init_7a0e-6aff.sys d:\windows\system32 Trojan.Spambot.2386 Deleted.
taskmon.sys d:\windows\system32 Trojan.Packed.142 Deleted.
lo-1227781000.exe C:\ Trojan.Packed.264 Deleted.
lo-125153593.exe C:\ Trojan.Packed.264 Deleted.
lo-1682154724.exe C:\ Trojan.Packed.264 Deleted.
lo-327541906.exe C:\ Trojan.Packed.264 Deleted.
lo-728890251.exe C:\ Trojan.Packed.264 Deleted.
lo-735052321.exe C:\ Trojan.Packed.193 Deleted.
lo-845730799.exe C:\ Trojan.Packed.264 Deleted.
lo-876567074.exe C:\ Trojan.Packed.264 Deleted.
lo901246511.exe C:\ Trojan.Packed.264 Deleted.
pv.exe C:\desktopclean Program.PrcView.3741 Renamed.
Process.exe C:\SDFix\apps Tool.Prockill Renamed.
Process.exe C:\SmitfraudFix\SmitfraudFix Tool.Prockill Renamed.
restart.exe C:\SmitfraudFix\SmitfraudFix Tool.ShutDown.11 Renamed.
A0005087.exe C:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Trojan.Packed.264 Deleted.
A0005088.exe C:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Trojan.Packed.264 Deleted.
A0005089.exe C:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Trojan.Packed.264 Deleted.
A0005090.exe C:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Trojan.Packed.264 Deleted.
A0005091.exe C:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Trojan.Packed.264 Deleted.
A0005092.exe C:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Trojan.Packed.193 Deleted.
A0005093.exe C:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Trojan.Packed.264 Deleted.
A0005094.exe C:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Trojan.Packed.264 Deleted.
A0005095.exe C:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Trojan.Packed.264 Deleted.
A0005096.exe C:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Program.PrcView.3741 Renamed.
A0005097.exe C:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Tool.Prockill Renamed.
A0005098.exe C:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Tool.Prockill Renamed.
A0005099.exe C:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Tool.ShutDown.11 Renamed.
Process.exe D:\Documents and Settings\André\Skrivebord Tool.Prockill Renamed.
Process.#xe D:\Documents and Settings\André\Skrivebord\Antivirus-pakke\smitRem Tool.Prockill Renamed.
pv.exe D:\Documents and Settings\André\Skrivebord\Antivirus-pakke\smitRem Program.PrcView.3741 Renamed.
Process.exe D:\Documents and Settings\André\Skrivebord\Ny mappe\SDFix\apps Tool.Prockill Renamed.
Process.exe D:\Documents and Settings\André\Skrivebord\Ny mappe\SmitfraudFix Tool.Prockill Renamed.
restart.exe D:\Documents and Settings\André\Skrivebord\Ny mappe\SmitfraudFix Tool.ShutDown.11 Renamed.
Process.exe D:\Documents and Settings\André\Skrivebord\SmitfraudFix Tool.Prockill Renamed.
restart.exe D:\Documents and Settings\André\Skrivebord\SmitfraudFix Tool.ShutDown.11 Renamed.
FakeStart.exe D:\Jokes Joke.Start Renamed.
murka.dat.vir D:\QooBox\Quarantine\D\WINDOWS Trojan.Proxy.1739 Deleted.
suspend.exe.vir D:\QooBox\Quarantine\D\WINDOWS\system32 Trojan.Click.5018 Deleted.
Process.exe D:\SDFix\apps Tool.Prockill Renamed.
A0000016.sys D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP2 Trojan.NtRootKit.360 Deleted.
A0000019.exe D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP2 Trojan.Click.5018 Deleted.
A0003016.sys D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP2 BackDoor.Bulknet.112 Deleted.
A0003026.sys D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP2 Trojan.NtRootKit.360 Deleted.
A0004024.sys D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Trojan.NtRootKit.360 Deleted.
A0005048.sys D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 BackDoor.Bulknet.112 Deleted.
A0005083.sys D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Trojan.Spambot.2386 Deleted.
A0005084.sys D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 BackDoor.Bulknet.112 Deleted.
A0005085.sys D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Trojan.Spambot.2386 Deleted.
A0005086.sys D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Trojan.Packed.142 Deleted.
A0005100.exe D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Tool.Prockill Renamed.
A0005101.exe D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Program.PrcView.3741 Renamed.
A0005102.exe D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Tool.Prockill Renamed.
A0005103.exe D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Tool.Prockill Renamed.
A0005104.exe D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Tool.ShutDown.11 Renamed.
A0005105.exe D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Tool.Prockill Renamed.
A0005106.exe D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Tool.ShutDown.11 Renamed.
A0005107.exe D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Joke.Start Renamed.
A0005108.exe D:\System Volume Information\_restore{082E591D-AE27-4968-897B-B4112D7D4953}\RP4 Tool.Prockill Renamed.
mrofinu27.exe.tmp D:\WINDOWS Trojan.DownLoader.38055 Deleted.
Process.exe D:\WINDOWS\system32 Tool.Prockill Renamed.
susp32.exe D:\WINDOWS\system32 Trojan.Click.5018 Deleted.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:40, on 2008-01-02
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programmer\Antiy Labs\Alive\ALiveCenter.exe
D:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe
D:\WINDOWS\System32\MsPMSPSv.exe
D:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
D:\Programmer\Canon\CAL\CALMAIN.exe
D:\WINDOWS\Explorer.EXE
D:\Programmer\iTunes\iTunesHelper.exe
D:\Programmer\QuickTime\qttask.exe
D:\Programmer\MSN Messenger\msnmsgr.exe
D:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
D:\Programmer\iPod\bin\iPodService.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Programmer\Mozilla Firefox\firefox.exe
D:\Documents and Settings\André\Skrivebord\Ny mappe\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dr.dk/sporten
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://85.255.113.67/privacyWarning.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmer\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [msnmsgr] "D:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [Ordbogen.com] D:\Programmer\CoolSystems\ordbogen.com\ordbogen.exe (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to AMV Convert Tool... - D:\Programmer\MP3 Player Utilities 3.79\AMVConverter\grab.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\Programmer\MP3 Player Utilities 3.79\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Opret Foretrukken på mobil enhed - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Opret Foretrukken på mobil enhed... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Programmer\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: D:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.bgbank.dk/html/activex/BG/Menu.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1133301966077
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9721E5A9-F71E-4EC0-9716-2D6E45DB2400}: NameServer = 143.166.83.13
O17 - HKLM\System\CCS\Services\Tcpip\..\{B9F22EF0-C082-4806-BD72-87329AB09547}: NameServer = 143.166.83.13
O20 - Winlogon Notify: !SASWinLogon - D:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - D:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Gatewaytjeneste til programlaget (ALG) - Unknown owner - cmd.exe (file missing)
O23 - Service: Antiy live update (Alive Auto-Update Service) - Unknown owner - D:\Programmer\Antiy Labs\Alive\ALiveCenter.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - D:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Programmer\iPod\bin\iPodService.exe
O23 - Service: NetMeeting - Deling af fjernskrivebord mnmsrvcUMWdf (mnmsrvcUMWdf) - Unknown owner - D:\WINDOWS\System32\1037d.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - D:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - D:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe

--
End of file - 8240 bytes

Synes godt om

magictouch Nybegynder

03. januar 2008 - 09:15 #50

Der er heller ikke mere at komme efter i loggen, men du skal nok geninstallere - Windows Live Messenger, og dit trådløse tastatur (Logitech) - for de har været ramt af infektionen, samt vil jeg foreslå at du opdaterer systemet til SP2.

Synes godt om

fromsej Praktikant

03. januar 2008 - 17:52 #51

Tak for assistancen Magictouch, læg et svar, pointene må absolut være dine. :-)

Synes godt om

djgreg Nybegynder

03. januar 2008 - 19:29 #52

Synes bestemt i har arbejdet meget flittig begge 2. Gav jer gerne begge 200, bruger alligevel ikke mine point til andet. Er det muligt?

Synes godt om

fromsej Praktikant

03. januar 2008 - 19:42 #53

Nej, det er ikke muligt indenfor regelsættet her på Eksperten.
Men hvis det er OK med Magictouch kan vi dele dem, der er alligevel ingen af os der går ret højt op i pointene.
Jeg lægger svar, når Magictouch har gjort det samme, markerer du begge vores navne i feltet og klikker på Accepter, så bliver pointene fordelt.

Synes godt om

djgreg Nybegynder

03. januar 2008 - 19:42 #54

Hmm, jeg har prøvet at geninstallere Windows Live Messenger. Den siger der er en fejl. Når jeg så klikker på fejlfinding kommer der en gul trekant med "!" i ud for "primære porte". Nogen der har en ide?

Synes godt om

djgreg Nybegynder

03. januar 2008 - 20:02 #55

Ok, fint nok. Nogen som i øvrigt har en ide med min windows live? I får pointene uanset, men nu er jeg jo igang. Mener faktisk den gik ud af funktion idet jeg satte min servicepack til. Samtidig ønsker jeg at installere internet explorer 7.0 til min computer idet min netbank nu kræver det, men den siger netop at mine servicepack-instillinger hindrer det.

Synes godt om

magictouch Nybegynder

04. januar 2008 - 02:29 #56

Prøv at se om "din" fejl er her: http://messenger-support.spaces.live.com/

Helt nøjagtigt, hvad skriver den her - "servicepack-instillinger hindrer det" ?

Synes godt om

djgreg Nybegynder

04. januar 2008 - 18:45 #57

Den siger:

Installer Windows Internet Explorer

Denne installation understøtter ikke operativsystemets nuværende Service Pack-version.

Jeg har prøvet at følge MSN-vejledningen. Det fungerer fortsat ikke.

Synes godt om

magictouch Nybegynder

05. januar 2008 - 07:15 #58

Hvis du ikke har fået opdateret til SP2 endnu, er det årsagen til - Denne installation understøtter ikke operativsystemets nuværende Service Pack-version

Jeg må desværre melde pas mht msn, for det kan være noget af det mest bøvlede L... når den begynder at drille

Synes godt om

djgreg Nybegynder

05. januar 2008 - 09:38 #59

Fair nok, jeg prøver lige at høre med nogle andre ;) Og Værsågod

Synes godt om

magictouch Nybegynder

05. januar 2008 - 10:05 #60

Takker :->)

Synes godt om

fromsej Praktikant

05. januar 2008 - 11:17 #61

Tak for point. :-)

Synes godt om

Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Følg dette spørgsmål

Opret Preview

Se alle it-kurser fra Computerworld Kurser

IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel	Indlæg	Oprettet	Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus	22	26/11/202510:42	23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus	8	31/08/202519:08	01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus	10	03/02/202514:20	04/02/202511:05
mulig ukendt virus Af jackie18 i Virus	3	18/01/202514:07	18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus	13	18/01/202511:40	20/01/202517:53

Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten

Seneste artiklerRSS