Godt nytår! Det tog sindsygt lang tid for at køre combofix over et døgn!!! her er de nye logs.
Logfile of HijackThis v1.99.1
Scan saved at 14:01, on 1-01-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\programmer\fælles filer\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe
C:\Programmer\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe
C:\Programmer\Fælles filer\LogiShrd\LComMgr\LVComSX.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\HPQ\Shared\hpqwmi.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
C:\WINDOWS\system32\notepad.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Skrivebord\Scanprogrammer\alternativ.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.hp.com/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Programmer\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmer\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Programmer\Fælles filer\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) -
http://frbsrv03.udd.sembsc.dk/qp2.cabO16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) -
https://www.sparlolland.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.10.cabO16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (Snapfish Drag and Drop upload plugin) -
http://www.pixaco.dk/static/download/pixacodndupload.cabO16 - DPF: {4445EA6A-9008-40D5-9160-035FDE5214C4} (MultiUpload Class) -
http://www.123hjemmeside.dk/builder/pages/Mpu-dk-1-0-0-8.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cabO16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) -
https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cabO16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) -
http://frbsrv02.udd.sembsc.dk/dwa7W.cabO18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmer\HPQ\Shared\hpqwmi.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programmer\fælles filer\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
ComboFix 07-12-21.4 - Tanggaard Wulff 2007-12-31 10:24:59.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1030.18.666 [GMT 1:00]
Running from: C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Skrivebord\Scanprogrammer\ComboFix.exe
Command switches used :: C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Skrivebord\Scanprogrammer\CFScript.txt
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users.WINDOWS\Application Data\LICENSE ADMIN OPTION BIB
C:\Documents and Settings\All Users.WINDOWS\Application Data\LICENSE ADMIN OPTION BIB\Jugs Dash.exe
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\.certs
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\.keystore
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\.lock
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\
0EBC38B09278DDF60FE14631A2079DF3336ECB33.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\
0EBC38B09278DDF60FE14631A2079DF3336ECB33.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\1C672DCE4BE5656F278AE4C12D0F3EC3851A6A23.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\1C672DCE4BE5656F278AE4C12D0F3EC3851A6A23.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\2ABE2B873E48ABEED19B16B9389ED75BDDDEDF14.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\2ABE2B873E48ABEED19B16B9389ED75BDDDEDF14.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\3606102B7130002C3275C25D280FB23D2442B087.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\3606102B7130002C3275C25D280FB23D2442B087.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\4E8057DD6639FFDDF5B80ABAB0151D1B5190EF54.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\4E8057DD6639FFDDF5B80ABAB0151D1B5190EF54.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\5630D88F7142A5577FD3D88F15347CB6BB44B27B.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\5630D88F7142A5577FD3D88F15347CB6BB44B27B.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\69BC0E57283F601A6B09663C7C9C4C100554BAB7.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\69BC0E57283F601A6B09663C7C9C4C100554BAB7.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\6EDC718F14CC6E718C456E7C9CCEA40C00E1F801.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\6EDC718F14CC6E718C456E7C9CCEA40C00E1F801.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\76C0929C3AB46C3946A5213852FB4009159E1F97.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\76C0929C3AB46C3946A5213852FB4009159E1F97.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60\fmfile0.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60\fmfile1.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60\fmfile10.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60\fmfile11.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60\fmfile12.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60\fmfile13.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60\fmfile14.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60\fmfile15.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60\fmfile2.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60\fmfile3.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60\fmfile4.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60\fmfile5.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60\fmfile7.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60\fmfile8.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B22AA35F87CB01D974BBB26DF607CDF7BF3AD60\fmfile9.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B8DD66D3DDD01F62C166A4686CF0D1DEF2D06B5.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\7B8DD66D3DDD01F62C166A4686CF0D1DEF2D06B5.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\8B9C97EA8019EC38A22BD56E6B7A0455401A60C8.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\8B9C97EA8019EC38A22BD56E6B7A0455401A60C8.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\8EA2F5F997971BEF18E0A19FDBC29E900AFF6B2B.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\8EA2F5F997971BEF18E0A19FDBC29E900AFF6B2B.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\983BA97570B6EDA1916145208FC632BEE988C882.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\983BA97570B6EDA1916145208FC632BEE988C882.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\9E4D984B53EA9E5E6CF3FCD7B97217502C0A3E53.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\9E4D984B53EA9E5E6CF3FCD7B97217502C0A3E53.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\B38965736335C9A617A4321374FA39892E96E1CE.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\B38965736335C9A617A4321374FA39892E96E1CE.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\B7FE4F8CDC90E8621E8593D0894DFD6F41E6AD65.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\B7FE4F8CDC90E8621E8593D0894DFD6F41E6AD65.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\BD1871E3D0E2F2D5C8D2A28660D57C44C85D1FEC.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\BD1871E3D0E2F2D5C8D2A28660D57C44C85D1FEC.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\C579D7D58E6A7272CB8D683C00E765BBD159FC41.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\C579D7D58E6A7272CB8D683C00E765BBD159FC41.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\cache.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\CBED9363554F7378BDDBFD0EC0B1040103E5E156.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\CBED9363554F7378BDDBFD0EC0B1040103E5E156.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\CCCF774EB3FD2676D3AACF4409D8BCAC1AAA850E.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\CCCF774EB3FD2676D3AACF4409D8BCAC1AAA850E.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\D98AB3BD902FBA4BADF13E16B226379FF798F8E1.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\D98AB3BD902FBA4BADF13E16B226379FF798F8E1.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\DC5F1794BA0C0DC22CAD148C493EEC559A7A624C.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\active\DC5F1794BA0C0DC22CAD148C493EEC559A7A624C.dat.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\azureus.config
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\azureus.config.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\azureus.statistics
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\azureus.statistics.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\banips.config
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\banips.config.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\debug.zip
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\debug\evidence.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\debug\image-0.jpg
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\debug\usermessage.txt
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\dht\addresses.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\dht\contacts.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\dht\diverse.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\dht\general.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\dht\version.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\downloads.config
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\downloads.config.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\ipfilter.cache
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\alerts_1.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\AutoSpeed_1.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\AutoSpeedSearchHistory_1.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\debug_1.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\debug_2.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\save\1198264663734_alerts_1.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\save\1198264663734_AutoSpeed_1.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\save\1198264663734_debug_1.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\save\1198264663734_debug_2.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\save\1198264663734_seltrace_1.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\save\1198264663734_SpeedMan_1.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\save\1198264663734_thread_1.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\save\1198264663734_thread_2.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\seltrace_1.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\seltrace_2.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\SpeedMan_1.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\thread_1.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\logs\thread_2.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\net\pm_6785.dat
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\plugins\azupnpav\azupnpav_0.1.3.jar
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\plugins\azupnpav\azupnpav_0.1.3.zip
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\plugins\azupnpav\azupnpav_0.1.7.jar
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\plugins\azupnpav\azupnpav_0.1.7.zip
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\plugins\azupnpav\plugin.properties
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\plugins\azupnpav\plugin.properties_0.1.3
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\plugins\azupnpav\plugin.properties_0.1.7
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\sharing.config
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\sharing.config.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\tmp\AZU9157.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\tmp\AZU9158.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\tmp\AZU9159.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\tmp\AZU9160.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\tmp\AZU9161.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\tmp\AZU9162.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\tmp\AZU9163.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[Dance_2007]__Rihanna-Umbrella_(Seamus_Haji_and_Paul_Emanuel_Rad.3737037.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[Dance_2007]__Rihanna-Umbrella_(Seamus_Haji_and_Paul_Emanuel_Radio_Edit_ft._Jay-Z)__-mininova.org-_[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[Demonoid.com]-50_Cent_Guess_Who's_Back_[Covers_Tagged]_656388.1444[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_300.avi[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_300.DVDSCR.XViD-NEPTUNE[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_398e7c985940bf1d3365cfbae2d9be1e48c22336[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Alex_feat._Nik__Jay_Hvad_Nu_Hvis.mp3[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Alex_Feat._Nik_Og_Jay_-_Hvad_nu_Hvis.mp3[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Anden_P___Coke_.3568436.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Bee.Movie.[2007.Eng].TS.DivX-LTT.3887489.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Den.Sorte.Madonna.READ.NFO.DVDSCR.DANISH.PAL.DVDR-ByMe[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Eastern_Promises[2007]DvDrip[Eng]-FXG[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Fall_Out_Boy_-_Infinity_on_High___(Full_Album).rar.3716597.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Good_Charlotte_-_Good_Morning_Revival_[2007][
www.emwreloaded.com][1].torrentC:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Interpol[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Keane_-_Little_Broken_Words_(2007)[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Lidt_god_dansk_rap.3786394.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Linkin_Park_-_Live_Earth_2007[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Magtens_Korridorer_-_Frivaerdi_DK_2005.1354065.SN[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Mere_dansk..__Suspekt_-_Prima_Notce_(prerelease).3748487.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Natasja-_-_I_Danmark_Er_Jeg_Fodt_2007.1263235.SN[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Nephew_feat_L.O.C._-_Hospital_(Live_fra_Roskilde_07.07.07).mp3[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Poul_Potts_-_One_Chance_(NizeGuy).3791660.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Robyn_-_Robyn_[UK_Edition]_[2007][CD+SkidVid+Cov]192Kbps[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Saybia-Eyes_On_The_Highway-2007-SMO.3783281.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Spiderman_3_CAM.VCD-CANALSTREET_(A_UKB_KVCD_By_Skagman)[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Timberland_-_Apologize[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Tina_Dickow_-_Count_To_Ten_(2007)_-_Pop_.3790703.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Top_100_Hot-Pop_Billboard_06-09-07_Charts_@224_Torrent-Tatty[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Top_40_-UK-_Billboard_07-08-07_Charts__224_Torrent-Tatty.3736484.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_TV2-for_dig_ku_jeg_gøre_alting.1328337.SN[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_VA_-_Dance_Chart_vol._18[2007][DK][Covers].3721922.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Vista_Transformation_Pack_7.0.3724535.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Volbeat_-_The_Strength_The_Sound_The_Songs_[smaragdtorrent.org][1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\[isoHunt]_Wyclef_Jean-Sweetest_Girl_Ft_Akon_Lil_Wayne_And_Niia-Promo_CDS-2.1328370.SN[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\Anden_P__Coke_.3568436.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\AZU23675.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\AZU36258.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\AZU42952.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\AZU43062.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\AZU43066.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\AZU45451.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\AZU45454.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\AZU48369.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\AZU6960.tmp
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\Brother_Ali_-_The_Undisputed_Truth_(2007)_-_Hip_Hop_.3658760.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\Gwen_Stefani_feat._Akon_-_The_Sweet_Escape.mp3__-mininova.org-_[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\KNA_Connected_-_Fibs_Løgn_og_Latin.mp3_-[
www.bitenova.nl]-_[1].torrentC:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\Linkin_Park_-_What_I________ve_Done_MP3_Good_quailty_Vany.K.3653577.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\Maroon_5_-_It_Won__t_Be_Soon_Before_Long_(256Kbps_covers).3693783.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\Mere_dansk__Nephew_-_Interkom_Kom_Ind.3558859.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\Nelly_Furtado-Loose_(Album)(2007)-FUTURE.3696523.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\SuspekT-Ingen.Slukker.The.Stars_[myBittorrent.com][1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\Timbaland_Feat_Nelly_Furtado_And_Justin_Timberlake-Give_It_To_Me.3608612.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\Timbaland_Nelly_Justin_Give_it_to_me_-_Blackbones_Holiday_mix.mp.3684373.TPB[1].torrent
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\Volbeat_-_The_Strength_The_Sound_The_Songs_-[
www.bitenova.nl]-_[1].torrentC:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\torrents\
www.torrents-and-more.to...Justin_Timberlake-What_Goes_Around_Comes_Around-UKCDM-2007-UKP__-mininova.org-_[1].torrentC:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\tracker.config
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\tracker.config.bak
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\update.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\update.properties
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Azureus\upnp_trace1.log
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Browsefirstbird
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Browsefirstbird\
0C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Browsefirstbird\nmurixyw.exe
C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\Browsefirstbird\Window64One.exe
C:\Programmer\Browsefirstbird
.
((((((((((((((((((((((((( Files Created from 2007-12-01 to 2008-01-01 )))))))))))))))))))))))))))))))
.
2007-12-30 14:17 . 2007-12-30 16:36 3,368 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-30 14:16 . 2007-12-30 16:37 <DIR> d-------- C:\SmitfraudFix
2007-12-30 14:03 . 2007-12-30 14:03 1,129,580 --a------ C:\SmitfraudFix.exe
2007-12-29 19:34 . 2007-12-29 19:34 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2007-12-29 19:29 . 2007-03-14 20:33 <DIR> d-------- C:\Documents and Settings\Administrator\Skrivebord
2007-12-29 19:29 . 2007-03-14 19:44 <DIR> d--h----- C:\Documents and Settings\Administrator\Skabeloner
2007-12-29 19:29 . 2007-03-14 20:33 <DIR> d--h----- C:\Documents and Settings\Administrator\Printere
2007-12-29 19:29 . 2007-03-14 20:33 <DIR> dr------- C:\Documents and Settings\Administrator\Menuen Start
2007-12-29 19:29 . 2007-12-29 20:34 <DIR> d--h----- C:\Documents and Settings\Administrator\Lokale indstillinger
2007-12-29 19:29 . 2007-03-14 20:33 <DIR> d-------- C:\Documents and Settings\Administrator\Foretrukne
2007-12-29 19:29 . 2007-03-14 20:33 <DIR> d-------- C:\Documents and Settings\Administrator\Dokumenter
2007-12-29 19:29 . 2007-03-14 20:33 <DIR> d--h----- C:\Documents and Settings\Administrator\Andre computere
2007-12-29 19:22 . 2007-12-29 21:11 <DIR> d-------- C:\Programmer\SUPERAntiSpyware
2007-12-29 19:22 . 2007-12-29 19:22 <DIR> d-------- C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\SUPERAntiSpyware.com
2007-12-29 19:22 . 2007-12-29 19:22 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2007-12-27 23:34 . 2007-12-30 21:09 <DIR> d-------- C:\My Downloads
2007-12-07 21:47 . 2007-12-07 21:47 0 --a------ C:\WINDOWS\iPlayer.INI
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-31 07:49 --------- d-----w C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\AVG7
2007-12-30 19:20 --------- d-----w C:\Programmer\HAM
2007-12-29 18:22 --------- d-----w C:\Programmer\Fælles filer\Wise Installation Wizard
2007-12-28 18:46 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2007-12-27 17:36 --------- d-----w C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\AdobeUM
2007-11-19 21:00 149,685 ----a-w C:\WINDOWS\HAM Uninstaller.exe
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-04-10 11:59 46,608 ----a-w C:\Documents and Settings\Tanggaard Wulff.PAVILIONZV6000\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Programmer\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-27 13:00]
"SUPERAntiSpyware"="C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-04-23 15:46]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-27 13:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-27 13:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-27 13:00]
"ATIPTA"="C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-22 21:05]
"Cpqset"="C:\Programmer\HPQ\Default Settings\cpqset.exe" [2005-02-17 14:01]
"SynTPLpr"="C:\Programmer\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 13:12]
"SynTPEnh"="C:\Programmer\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 13:11]
"eabconfg.cpl"="C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe" [2004-12-03 13:24]
"hpWirelessAssistant"="C:\Programmer\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-04-11 15:21]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-21 15:28]
"LogitechCommunicationsManager"="C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe" []
"LVCOMSX"="C:\Programmer\Fælles filer\LogiShrd\LComMgr\LVComSX.exe" []
"QuickTime Task"="C:\Programmer\QuickTime\qttask.exe" [2007-03-14 20:21]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-23 20:57]
C:\Documents and Settings\All Users.WINDOWS\Menuen Start\Programmer\Start\
Adobe Reader Hurtigstart.lnk - C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
Microsoft Office.lnk - C:\Programmer\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmer\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programmer\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
R3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2005-03-22 15:39]
.
Contents of the 'Scheduled Tasks' folder
"2008-01-01 12:01:18 C:\WINDOWS\Tasks\AFE5CD10918A7E20.job"
- c:\docume~1\tangga~1.pav\applic~1\browse~1\Window64One.exe
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-01-01 13:04:57
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Programmer\HPQ\Default Settings\cpqset.exe???????????3?1?2?1??????? ???B????????? ???hLC????????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-01 13:07:48 - machine was rebooted [Tanggaard Wulff]
.
2007-12-13 20:45:09 --- E O F ---
