100 % Cpu

måske dette:
http://www.hcma.dk/tips61to70.htm#no61

Jeg tror ikke det ville hjælpe. Jeg har også service pack 3 og det du linker til er et kendt problem til service pack 1. Og det forklarer jo heller ikke det store cpu forbrug ved pakkede filer.

Har du et Antivirus program som pakker filerne ud og scanner dem? Det er Norton stærkt berygtet for, for det kan lægge enhvert computer ned...

Hej schwarz, nej det er desværre heller ikke det. Det problem har jeg oplevet tidligere, men nu laver jeg en online virus scan ind i mellem.

Mon der er nogen der kan kigge en Hijack this rapport igennem og se om der er noget der er helt galt?

Tak for hjælpen so far!

Som du selv er inde på ->

Hent og instalér CCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller *NEJ* til den.
Lad programmet foretage en oprydning...

--------

Hent Malwarebytes Anti-Malware herfra:
http://www.besttechie.net/tools/mbam-setup.exe
Eller herfra ->
http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

Installer programmet - når det er gjort skal du lade programmet opdatere sig. Herefter åbner et vindue, hvor du skal flytte prikken til "Kør et fuldstændigt systemscan" - klik på Skan Knappen - lad programmet arbejde. Når det er færdig (det tager lidt tid afhængig af hvor meget du har på computeren).
Derefter - Tryk på "Vis resultater" knappen efter scanningen - og herefter tryk på "Fjern det valgte" - nu åbnes log'en og du skal gemme den et sted, hvor du kan finde den igen.
Kopier indholdet herind sammen med en frisk log fra HiJackThis...

...og her er omtalte HiJackThis ->
http://www.spywareinfo.dk/index.htm#/manualer/hijackthis.htm

Bemærk at HiJackThis.exe programmet skal gemmes i en dertil oprettet mappe og IKKE køres direkte fra nettet...

PS: Brug denne version af HJT -> http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe

(Jooo - jeg har 'virus' på hjernen...)

Mht.: Vista - HøjreMusseTast på *.EXE filen - Kør som Administrator...

------------------

Hej larry,

Tak for guiden. Jeg har idag været igang med Malwarebytes Anti-Malware, men efter den havde kørt i 2 timer var den ikke kommet ret langt, og cpu'en kørte 100% så den når det ikke idag da jeg havde en del arbejde jeg skal ha lavet. Men sætter den igang igen i nat.

Hermed logfilerne.

Malwarebytes' Anti-Malware 1.29
Database version: 1299
Windows 5.1.2600 Service Pack 3

21-10-2008 13:11:21
mbam-log-2008-10-21 (13-11-21).txt

Skan type: Fuldstændig skanning (C:\|)
Objekter skannet: 117968
Tid tilbagelagt: 4 hour(s), 42 minute(s), 28 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 1
Inficerede Registeringsdatabase Værdier: 1
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 1

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
HKEY_CLASSES_ROOT\CLSID\{bf0a1ff4-bbaf-487f-bc85-a24ef8f443a8} (Adware.Comet) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Værdier:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{bfb5f154-9212-46f3-b547-ac6106030a54} (Adware.DosPopToolbar) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
C:\System Volume Information\_restore{59C5BC42-E01A-41CF-9176-87939E0A469E}\RP192\A0034924.exe (Adware.Comet) -> Quarantined and deleted successfully.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:13:04, on 21-10-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Programmer\Apoint2K\Apoint.exe
C:\Programmer\TOSHIBA\E-KEY\CeEKey.exe
C:\Programmer\TOSHIBA\TouchPad\TPTray.exe
C:\Programmer\Apoint2K\Apntex.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Programmer\TOSHIBA\TOSHIBA-zoomfunktion\SmoothView.exe
C:\Programmer\TOSHIBA\TOSHIBA-programmer\TFncKy.exe
C:\Programmer\TOSHIBA\Touch and Launch\PadExe.exe
C:\Programmer\TOSHIBA\Tvs\TvsTray.exe
C:\Programmer\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmer\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Programmer\Windows Live\Messenger\msnmsgr.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\Fælles filer\Ahead\Lib\NMBgMonitor.exe
C:\Programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe
C:\Programmer\DAEMON Tools Lite\daemon.exe
C:\Programmer\Windows Media Player\WMPNSCFG.exe
C:\Programmer\Fælles filer\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Programmer\Giganews Accelerator\GiganewsAccelerator.exe
C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Programmer\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programmer\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Programmer\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmer\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmer\PC Connectivity Solution\Transports\NclToBTSrv.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Martin Hagge\Skrivebord\Hijack\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmer\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmer\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Programmer\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Programmer\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Programmer\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Programmer\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Programmer\TOSHIBA\TOSHIBA-zoomfunktion\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [PadTouch] C:\Programmer\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [Tvs] C:\Programmer\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Windows Media Connect 2] "C:\Programmer\Windows Media Connect 2\WMCCFG.exe" /StartQuiet
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmer\Fælles filer\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programmer\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NSLauncher] C:\Programmer\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programmer\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Programmer\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmer\Fælles filer\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmer\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Programmer\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [updateMgr] C:\Programmer\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programmer\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Programmer\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Programmer\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Programmer\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programmer\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmer\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Giganews Accelerator.lnk = C:\Programmer\Giganews Accelerator\GiganewsAccelerator.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmer\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1204818585301
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programmer\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Programmer\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 12074 bytes

Kør en scanning med Hijackthis,
Du får herunder nogle filer, som du skal fixe. Det, du skal gøre, er at sætte et flueben ud for disse filer. Når du har gjort det, så lukker du alle andre vinduer ned. Det er meget vigtigt at det eneste vindue, som er åbent er HijackThis vinduet. Husk også at lukke dette vindue, når du har markeret filerne. Nu må du fixe. Klik på Fix checked.

Det er disse, som skal fixes:

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

Genstart normalt...

------------------------------------------------------------------------

Generelt ->
bruger du disse ?

Uniblue RegistryBooster2
Uniblue SpyEraser
"YahooMessenger"

------------------------------------------------------------------------

Hvordan kører PC'en så nu ?

Jeg fjernede O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present og yahoo messenger.

De to andre uniblue programmer er der endnu da de "burde" optimere systemet?

Men jeg vil ikke sige det har hjulpet. Et reboot tog over 15 min. og jeg måtte i joblisten og åbne explorer derfra før der rigtig skete noget.

Hmmm...

-- Hent Combofix fra et af disse links, og gem den på dit skrivebord:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe

-- Kør så combofix.exe, som du hentede tidligere, og følg anvisningerne.
Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når combofix er færdig, og efter det har genstartet, skulle der gerne åbnes en logfil: combofix.txt
Indholdet af denne fil må du gerne lægge herind.

Den er her:

ComboFix 08-10-22.05 - Martin Hagge 2008-10-23 13:50:16.2 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1030.18.328 [GMT 2:00]
Running from: C:\Documents and Settings\Martin Hagge\Skrivebord\ComboFix.exe
* Created a new restore point

[COLOR=RED][B]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/B][/COLOR]
.

(((((((((((((((((((((((((  Files Created from 2008-09-23 to 2008-10-23  )))))))))))))))))))))))))))))))
.

2008-10-20 12:29 . 2008-10-20 12:29    <DIR>    d--------    C:\Programmer\Malwarebytes' Anti-Malware
2008-10-20 12:29 . 2008-10-20 12:29    <DIR>    d--------    C:\Documents and Settings\Martin Hagge\Application Data\Malwarebytes
2008-10-20 12:29 . 2008-10-20 12:29    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-20 12:29 . 2008-10-16 20:25    38,496    --a------    C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-20 12:29 . 2008-10-16 20:25    15,504    --a------    C:\WINDOWS\system32\drivers\mbam.sys
2008-10-16 03:09 . 2008-10-16 03:10    1,393    --a------    C:\WINDOWS\imsins.BAK
2008-10-16 00:41 . 2008-09-08 12:41    333,824    -----c---    C:\WINDOWS\system32\dllcache\srv.sys
2008-10-16 00:40 . 2008-08-14 15:25    2,147,840    -----c---    C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-16 00:40 . 2008-08-14 15:25    2,068,608    -----c---    C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-16 00:40 . 2008-09-15 17:27    1,846,400    -----c---    C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-16 00:39 . 2008-08-14 15:25    2,191,744    -----c---    C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-16 00:39 . 2008-08-14 15:25    2,026,496    -----c---    C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-09 02:13 . 2008-10-09 02:13    <DIR>    d--------    C:\Programmer\CCleaner
2008-10-08 17:54 . 2008-10-08 17:54    56    --ah-----    C:\WINDOWS\system32\ezsidmv.dat
2008-10-08 17:53 . 2008-10-08 17:53    <DIR>    d--------    C:\Programmer\Skype
2008-10-08 17:53 . 2008-10-08 17:53    <DIR>    d--------    C:\Programmer\Fælles filer\Skype
2008-10-08 17:53 . 2008-10-21 21:53    <DIR>    d--------    C:\Documents and Settings\Martin Hagge\Application Data\Skype
2008-10-06 08:56 . 2008-10-06 08:56    <DIR>    d--------    C:\Programmer\Trend Micro
2008-10-05 23:49 . 2008-10-05 23:49    1,720,086    --a------    C:\WINDOWS\system32\TmpA394125
2008-10-03 21:31 . 2008-04-14 03:54    102,664    --a------    C:\WINDOWS\system32\drivers\tmcomm.sys

.
((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-21 19:53    ---------    d-----w    C:\Documents and Settings\Martin Hagge\Application Data\skypePM
2008-10-21 19:43    ---------    d-----w    C:\Programmer\Microsoft Silverlight
2008-10-21 19:39    ---------    d-----w    C:\Programmer\Yahoo!
2008-10-16 01:42    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-10-08 15:53    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Skype
2008-10-06 06:47    ---------    d-----w    C:\Programmer\Google
2008-10-05 21:48    ---------    d-----w    C:\Programmer\Advanced Poker Calculator
2008-10-05 21:11    ---------    d-----w    C:\Programmer\DAEMON Tools Lite
2008-09-23 20:55    ---------    d-----w    C:\Documents and Settings\Martin Hagge\Application Data\dvdcss
2008-09-21 21:14    ---------    d-----w    C:\Documents and Settings\Martin Hagge\Application Data\vlc
2008-09-17 10:47    ---------    d-----w    C:\Programmer\Electronic Arts
2008-09-17 08:44    717,296    ----a-w    C:\WINDOWS\system32\drivers\sptd.sys
2008-09-17 00:27    ---------    d--h--w    C:\Programmer\InstallShield Installation Information
2008-09-15 15:27    1,846,400    ----a-w    C:\WINDOWS\system32\win32k.sys
2008-09-08 10:41    333,824    ----a-w    C:\WINDOWS\system32\drivers\srv.sys
2008-09-04 19:12    ---------    d-----w    C:\Programmer\Messenger Plus! Live
2008-08-26 19:39    ---------    d-----w    C:\Programmer\Image-Line
2008-08-26 08:27    826,368    ----a-w    C:\WINDOWS\system32\wininet.dll
2008-08-26 08:27    826,368    ----a-w    C:\WINDOWS\system32\SET8F3.tmp
2008-08-26 08:27    233,472    ----a-w    C:\WINDOWS\system32\SET8F4.tmp
2008-08-26 08:27    1,159,680    ----a-w    C:\WINDOWS\system32\SET8F5.tmp
2008-08-14 13:25    2,191,744    ----a-w    C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 13:25    2,068,608    ----a-w    C:\WINDOWS\system32\ntkrnlpa.exe
2008-03-17 00:39    32    ----a-w    C:\Documents and Settings\All Users\Application Data\ezsid.dat
.

(((((((((((((((((((((((((((((  snapshot@2008-10-10_14.23.29.04  )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-08-14 13:25:42    2,147,840    ------w    C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:25:45    2,068,608    ------w    C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:25:41    2,026,496    ------w    C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:25:45    2,191,744    ------w    C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
+ 2008-06-23 16:33:50    124,928    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\advpack.dll
+ 2008-06-23 16:33:50    347,136    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2008-06-23 16:33:50    214,528    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\dxtrans.dll
+ 2008-06-23 16:33:50    133,120    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\extmgr.dll
+ 2008-06-23 16:33:50    63,488    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\icardie.dll
+ 2008-06-23 09:19:04    70,656    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2008-06-23 16:33:50    153,088    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\ieakeng.dll
+ 2008-06-23 16:33:50    230,400    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\ieaksie.dll
+ 2008-06-21 05:23:54    161,792    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\ieakui.dll
+ 2008-06-23 16:33:50    383,488    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2008-06-23 16:33:50    384,512    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2008-06-23 16:33:51    6,066,176    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\ieframe.dll
+ 2008-06-23 16:33:51    44,544    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\iernonce.dll
+ 2008-06-23 16:33:52    267,776    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\iertutil.dll
+ 2008-06-23 09:20:26    13,824    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\ieudinit.exe
+ 2008-06-23 09:19:22    625,664    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\iexplore.exe
+ 2008-06-23 16:33:52    27,648    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\jsproxy.dll
+ 2008-06-23 16:33:52    459,264    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\msfeeds.dll
+ 2008-06-23 16:33:52    52,224    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2008-06-24 08:33:54    3,592,192    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\mshtml.dll
+ 2008-06-23 16:33:53    477,696    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\mshtmled.dll
+ 2008-06-23 16:33:53    193,024    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\msrating.dll
+ 2008-06-23 16:33:53    671,232    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\mstime.dll
+ 2008-06-23 16:33:53    102,912    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\occache.dll
+ 2008-06-23 16:33:53    44,544    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:11:00    214,752    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:12:08    383,200    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2008-06-23 16:33:53    105,984    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\url.dll
+ 2008-06-23 16:33:53    1,159,680    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\urlmon.dll
+ 2008-06-23 16:33:54    233,472    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\webcheck.dll
+ 2008-06-23 16:33:54    826,368    -c----w    C:\WINDOWS\ie7updates\KB956390-IE7\wininet.dll
- 2008-09-16 08:30:05    1,165,584    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-10-16 01:42:19    1,165,584    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2008-09-16 08:30:06    20,240    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-10-16 01:42:20    20,240    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-09-16 08:30:05    159,504    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-10-16 01:42:19    159,504    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2008-09-16 08:30:05    184,080    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-10-16 01:42:19    184,080    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2008-09-16 08:30:06    217,864    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-10-16 01:42:19    217,864    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-09-16 08:30:06    18,704    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-10-16 01:42:20    18,704    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-09-16 08:30:07    35,088    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-10-16 01:42:20    35,088    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-09-16 08:30:06    845,584    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-10-16 01:42:19    845,584    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-09-16 08:30:06    922,384    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-10-16 01:42:19    922,384    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-09-16 08:30:06    272,648    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-10-16 01:42:19    272,648    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2008-09-16 08:30:06    888,080    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-10-16 01:42:20    888,080    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-09-16 08:30:05    1,172,240    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-10-16 01:42:19    1,172,240    ----a-r    C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-06-23 16:33:50    124,928    ----a-w    C:\WINDOWS\system32\advpack.dll
+ 2008-08-26 08:27:23    124,928    ----a-w    C:\WINDOWS\system32\advpack.dll
- 2008-06-23 16:33:50    124,928    -c----w    C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-08-26 08:27:23    124,928    -c----w    C:\WINDOWS\system32\dllcache\advpack.dll
- 2008-06-20 11:40:08    138,496    -c----w    C:\WINDOWS\system32\dllcache\afd.sys
+ 2008-08-14 10:04:36    138,496    -c----w    C:\WINDOWS\system32\dllcache\afd.sys
- 2008-06-23 16:33:50    347,136    -c----w    C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-08-26 08:27:23    347,136    -c----w    C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-06-23 16:33:50    214,528    -c----w    C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-08-26 08:27:23    214,528    -c----w    C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-06-23 16:33:50    133,120    -c----w    C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-08-26 08:27:23    133,120    -c----w    C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-06-23 16:33:50    63,488    -c----w    C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-08-26 08:27:23    63,488    -c----w    C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-06-23 09:19:04    70,656    -c----w    C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-08-25 08:36:50    70,656    -c----w    C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2008-06-23 16:33:50    153,088    -c----w    C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-08-26 08:27:23    153,088    -c----w    C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-06-23 16:33:50    230,400    -c----w    C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-08-26 08:27:23    230,400    -c----w    C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-06-21 05:23:54    161,792    -c----w    C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-08-23 05:54:51    161,792    -c----w    C:\WINDOWS\system32\dllcache\ieakui.dll
- 2008-06-23 16:33:50    383,488    -c----w    C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-08-26 08:27:24    383,488    -c----w    C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-06-23 16:33:50    384,512    -c----w    C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-08-26 08:27:24    384,512    -c----w    C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-06-23 16:33:51    6,066,176    -c----w    C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-10-03 17:12:34    6,066,176    -c----w    C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-06-23 16:33:51    44,544    -c----w    C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-08-26 08:27:25    44,544    -c----w    C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-06-23 16:33:52    267,776    -c----w    C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-08-26 08:27:25    267,776    -c----w    C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-06-23 09:20:26    13,824    -c----w    C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-08-25 08:38:00    13,824    -c----w    C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2008-06-23 09:19:22    625,664    -c----w    C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-08-23 05:56:15    635,848    -c----w    C:\WINDOWS\system32\dllcache\iexplore.exe
- 2008-06-23 16:33:52    27,648    -c----w    C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-08-26 08:27:26    27,648    -c----w    C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2008-06-23 16:33:52    459,264    -c----w    C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-08-26 08:27:26    459,264    -c----w    C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-06-23 16:33:52    52,224    -c----w    C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-08-26 08:27:26    52,224    -c----w    C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-06-24 08:33:54    3,592,192    -c----w    C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-08-27 09:27:28    3,593,216    -c----w    C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-06-23 16:33:53    477,696    -c----w    C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-08-26 08:27:27    477,696    -c----w    C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-06-23 16:33:53    193,024    -c----w    C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-08-26 08:27:27    193,024    -c----w    C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-06-23 16:33:53    671,232    -c----w    C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-08-26 08:27:27    671,232    -c----w    C:\WINDOWS\system32\dllcache\mstime.dll
- 2008-06-23 16:33:53    102,912    -c----w    C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-08-26 08:27:27    102,912    -c----w    C:\WINDOWS\system32\dllcache\occache.dll
- 2008-06-23 16:33:53    44,544    -c----w    C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-08-26 08:27:27    44,544    -c----w    C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2008-06-23 16:33:53    105,984    -c----w    C:\WINDOWS\system32\dllcache\url.dll
+ 2008-08-26 08:27:27    105,984    -c----w    C:\WINDOWS\system32\dllcache\url.dll
- 2008-06-23 16:33:53    1,159,680    -c----w    C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-08-26 08:27:27    1,159,680    -c----w    C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-06-23 16:33:54    233,472    -c----w    C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-08-26 08:27:27    233,472    -c----w    C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-06-23 16:33:54    826,368    -c----w    C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-08-26 08:27:28    826,368    -c----w    C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-06-20 11:40:08    138,496    ----a-w    C:\WINDOWS\system32\drivers\afd.sys
+ 2008-08-14 10:04:36    138,496    ----a-w    C:\WINDOWS\system32\drivers\afd.sys
- 2008-06-23 16:33:50    347,136    ----a-w    C:\WINDOWS\system32\dxtmsft.dll
+ 2008-08-26 08:27:23    347,136    ----a-w    C:\WINDOWS\system32\dxtmsft.dll
- 2008-06-23 16:33:50    214,528    ----a-w    C:\WINDOWS\system32\dxtrans.dll
+ 2008-08-26 08:27:23    214,528    ----a-w    C:\WINDOWS\system32\dxtrans.dll
- 2008-06-23 16:33:50    133,120    ------w    C:\WINDOWS\system32\extmgr.dll
+ 2008-08-26 08:27:23    133,120    ------w    C:\WINDOWS\system32\extmgr.dll
- 2008-08-14 00:19:56    269,392    ----a-w    C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-10-16 11:40:55    269,392    ----a-w    C:\WINDOWS\system32\FNTCACHE.DAT
- 2008-06-23 16:33:50    63,488    ----a-w    C:\WINDOWS\system32\icardie.dll
+ 2008-08-26 08:27:23    63,488    ----a-w    C:\WINDOWS\system32\icardie.dll
- 2008-06-23 09:19:04    70,656    ------w    C:\WINDOWS\system32\ie4uinit.exe
+ 2008-08-25 08:36:50    70,656    ------w    C:\WINDOWS\system32\ie4uinit.exe
- 2008-06-23 16:33:50    153,088    ------w    C:\WINDOWS\system32\ieakeng.dll
+ 2008-08-26 08:27:23    153,088    ------w    C:\WINDOWS\system32\ieakeng.dll
- 2008-06-23 16:33:50    230,400    ------w    C:\WINDOWS\system32\ieaksie.dll
+ 2008-08-26 08:27:23    230,400    ------w    C:\WINDOWS\system32\ieaksie.dll
- 2008-06-21 05:23:54    161,792    ------w    C:\WINDOWS\system32\ieakui.dll
+ 2008-08-23 05:54:51    161,792    ------w    C:\WINDOWS\system32\ieakui.dll
- 2008-06-23 16:33:50    383,488    ----a-w    C:\WINDOWS\system32\ieapfltr.dll
+ 2008-08-26 08:27:24    383,488    ----a-w    C:\WINDOWS\system32\ieapfltr.dll
- 2008-06-23 16:33:50    384,512    ------w    C:\WINDOWS\system32\iedkcs32.dll
+ 2008-08-26 08:27:24    384,512    ------w    C:\WINDOWS\system32\iedkcs32.dll
- 2008-06-23 16:33:51    6,066,176    ----a-w    C:\WINDOWS\system32\ieframe.dll
+ 2008-10-03 17:12:34    6,066,176    ----a-w    C:\WINDOWS\system32\ieframe.dll
- 2008-06-23 16:33:51    44,544    ------w    C:\WINDOWS\system32\iernonce.dll
+ 2008-08-26 08:27:25    44,544    ------w    C:\WINDOWS\system32\iernonce.dll
- 2008-06-23 16:33:52    267,776    ----a-w    C:\WINDOWS\system32\iertutil.dll
+ 2008-08-26 08:27:25    267,776    ----a-w    C:\WINDOWS\system32\iertutil.dll
- 2008-06-23 09:20:26    13,824    ----a-w    C:\WINDOWS\system32\ieudinit.exe
+ 2008-08-25 08:38:00    13,824    ----a-w    C:\WINDOWS\system32\ieudinit.exe
- 2008-06-23 16:33:52    27,648    ------w    C:\WINDOWS\system32\jsproxy.dll
+ 2008-08-26 08:27:26    27,648    ------w    C:\WINDOWS\system32\jsproxy.dll
- 2008-08-26 20:28:12    16,208,504    ----a-w    C:\WINDOWS\system32\MRT.exe
+ 2008-10-07 19:19:40    16,721,856    ----a-w    C:\WINDOWS\system32\MRT.exe
- 2008-06-23 16:33:52    459,264    ----a-w    C:\WINDOWS\system32\msfeeds.dll
+ 2008-08-26 08:27:26    459,264    ----a-w    C:\WINDOWS\system32\msfeeds.dll
- 2008-06-23 16:33:52    52,224    ----a-w    C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-08-26 08:27:26    52,224    ----a-w    C:\WINDOWS\system32\msfeedsbs.dll
- 2008-06-24 08:33:54    3,592,192    ----a-w    C:\WINDOWS\system32\mshtml.dll
+ 2008-08-27 09:27:28    3,593,216    ----a-w    C:\WINDOWS\system32\mshtml.dll
- 2008-06-23 16:33:53    477,696    ----a-w    C:\WINDOWS\system32\mshtmled.dll
+ 2008-08-26 08:27:27    477,696    ----a-w    C:\WINDOWS\system32\mshtmled.dll
- 2008-06-23 16:33:53    193,024    ------w    C:\WINDOWS\system32\msrating.dll
+ 2008-08-26 08:27:27    193,024    ------w    C:\WINDOWS\system32\msrating.dll
- 2008-06-23 16:33:53    671,232    ------w    C:\WINDOWS\system32\mstime.dll
+ 2008-08-26 08:27:27    671,232    ------w    C:\WINDOWS\system32\mstime.dll
- 2008-06-23 16:33:53    102,912    ------w    C:\WINDOWS\system32\occache.dll
+ 2008-08-26 08:27:27    102,912    ------w    C:\WINDOWS\system32\occache.dll
- 2008-06-23 16:33:53    44,544    ----a-w    C:\WINDOWS\system32\pngfilt.dll
+ 2008-08-26 08:27:27    44,544    ----a-w    C:\WINDOWS\system32\pngfilt.dll
- 2007-11-30 12:39:13    17,784    ------w    C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:18:31    17,784    ------w    C:\WINDOWS\system32\spmsg.dll
- 2008-06-23 16:33:53    105,984    ----a-w    C:\WINDOWS\system32\url.dll
+ 2008-08-26 08:27:27    105,984    ----a-w    C:\WINDOWS\system32\url.dll
- 2008-06-23 16:33:53    1,159,680    ----a-w    C:\WINDOWS\system32\urlmon.dll
+ 2008-08-26 08:27:27    1,159,680    ----a-w    C:\WINDOWS\system32\urlmon.dll
- 2008-06-23 16:33:54    233,472    ----a-w    C:\WINDOWS\system32\webcheck.dll
+ 2008-08-26 08:27:27    233,472    ------w    C:\WINDOWS\system32\webcheck.dll
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"TOSCDSPD"="C:\Programmer\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 65536]
"msnmsgr"="C:\Programmer\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"swg"="C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-11 68856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmer\Fælles filer\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"PC Suite Tray"="C:\Programmer\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-03-28 1079296]
"Nokia.PCSync"="C:\Programmer\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 1232896]
"updateMgr"="C:\Programmer\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"Uniblue RegistryBooster2"="C:\Programmer\Uniblue\RegistryBooster 2\RegistryBooster.exe" [2007-08-16 1877272]
"Uniblue SpyEraser"="C:\Programmer\Uniblue\SpyEraser\SpyEraser.exe" [2008-04-02 1424648]
"Uniblue RegistryBooster 2"="C:\Programmer\Uniblue\RegistryBooster 2\RegistryBooster.exe" [2007-08-16 1877272]
"DAEMON Tools Lite"="C:\Programmer\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"Skype"="C:\Programmer\Skype\Phone\Skype.exe" [2008-09-29 21755688]
"WMPNSCFG"="C:\Programmer\Windows Media Player\WMPNSCFG.exe" [2006-11-15 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Programmer\Apoint2K\Apoint.exe" [2004-03-24 196608]
"CeEKEY"="C:\Programmer\TOSHIBA\E-KEY\CeEKey.exe" [2005-09-06 671744]
"TPNF"="C:\Programmer\TOSHIBA\TouchPad\TPTray.exe" [2005-08-25 53248]
"HWSetup"="C:\Programmer\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [2004-05-01 28672]
"SVPWUTIL"="C:\Programmer\Toshiba\Windows Utilities\SVPWUTIL.exe" [2004-05-01 65536]
"SmoothView"="C:\Programmer\TOSHIBA\TOSHIBA-zoomfunktion\SmoothView.exe" [2005-05-12 118784]
"PadTouch"="C:\Programmer\TOSHIBA\Touch and Launch\PadExe.exe" [2005-08-30 1077328]
"Tvs"="C:\Programmer\TOSHIBA\Tvs\TvsTray.exe" [2005-04-05 73728]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-05-31 122941]
"ATIPTA"="C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]
"Windows Media Connect 2"="C:\Programmer\Windows Media Connect 2\WMCCFG.exe" [2006-10-18 8704]
"GrooveMonitor"="C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"NeroFilterCheck"="C:\Programmer\Fælles filer\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"ControlCenter2.0"="C:\Programmer\Brother\ControlCenter2\brctrcen.exe" [2005-07-22 933888]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"QuickTime Task"="C:\Programmer\QuickTime\qttask.exe" [2008-03-07 385024]
"NSLauncher"="C:\Programmer\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-09-07 3100672]
"Zooming"="ZoomingHook.exe" [2005-06-06 C:\WINDOWS\system32\ZoomingHook.exe]
"TCtryIOHook"="TCtrlIOHook.exe" [2005-08-22 C:\WINDOWS\system32\TCtrlIOHook.exe]
"TPSMain"="TPSMain.exe" [2005-08-11 C:\WINDOWS\system32\TPSMain.exe]
"TFncKy"="TFncKy.exe" [BU]
"NDSTray.exe"="NDSTray.exe" [BU]
"AGRSMMSG"="AGRSMMSG.exe" [2004-12-22 C:\WINDOWS\agrsmmsg.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="C:\Programmer\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-03-26 1232896]

C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
Adobe Reader Hurtigstart.lnk - C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
Bluetooth Manager.lnk - C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2005-03-22 483328]
Giganews Accelerator.lnk - C:\Programmer\Giganews Accelerator\GiganewsAccelerator.exe [2007-12-18 757760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2008-03-07 01:57 229376 C:\Programmer\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmer\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Programmer\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Programmer\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Programmer\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Programmer\\Fælles filer\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"C:\\Programmer\\Windows Media Player\\wmplayer.exe"=
"C:\\Programmer\\InterPoker\\UA.exe"=
"C:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmer\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Programmer\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"41952:TCP"= 41952:TCP:MediaServer.exe

.
Contents of the 'Scheduled Tasks' folder

2008-03-06 C:\WINDOWS\Tasks\Registreringspåmindelse 2.job
- C:\WINDOWS\system32\OOBE\oobebaln.exe [2008-04-14 18:05]

2008-08-09 C:\WINDOWS\Tasks\Uniblue SpyEraser.job
- C:\Programmer\Uniblue\SpyEraser\SpyEraser.exe [2008-04-02 09:50]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Martin Hagge\Application Data\Mozilla\Firefox\Profiles\2poykota.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.dk/
FF -: plugin - C:\Programmer\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\Programmer\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll
FF -: plugin - c:\Programmer\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF -: plugin - C:\Programmer\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-23 13:54:08
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-10-23 13:56:12
ComboFix-quarantined-files.txt  2008-10-23 11:55:59
ComboFix2.txt  2008-10-10 12:24:17

Pre-Run: 26.509.352.960 byte ledig
Post-Run: 26,575,286,272 byte ledig

345    --- E O F ---    2008-10-21 01:01:17

Hmmm... Har du noget specielt Hardware tilsluttet ???
USB enheder ell. lign. ?

Nej, jeg har en ekstern harddisk men den har ikke været tilsluttet de sidste par måneder.

Hmmm...

Til XP styresystem:
Sæt Windows cd’en i drevet > når den popper-op så luk den ned oppe i det røde X i højre hjørne.
Gå i Start > Kør > Skriv: sfc /scannow – bemærk mellemrummet efter sfc > Tryk OK
Der kommer en bjælke så længe scanningen køre – og når den er færdig forsvinder den igen og du får ikke andre meldinger.
Genstart…

Er det muligt at køre testen uden windows cd'en?

Det var det - det har dog ikke hjulpet.

Jeg tror jeg vil sige tak for hjælpen og overveje en ny computer i stedet for at bøvle mere med det. Mange tak for hjælpen