Heh, I wanted to hear first whether anyone could be bothered. But I can post them :)
Malware:
Malwarebytes' Anti-Malware 1.36
Database version: 2121
Windows 6.0.6001 Service Pack 1
13-05-2009 13:37:22
mbam-log-2009-05-13 (13-37-22).txt
Skan type: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 276041
Tid tilbagelagt: 1 hour(s), 42 minute(s), 51 second(s)
Inficerede Hukommelses Processer: 1
Inficerede Hukommelses Moduler: 1
Inficerede Registeringsdatabase Nøgler: 7
Inficerede Registeringsdatabase Værdier: 3
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 1
Inficerede Filer: 10
Inficerede Hukommelses Processer:
C:\Windows\pp06.exe (Worm.KoobFace) -> Unloaded process successfully.
Inficerede Hukommelses Moduler:
C:\Windows\System32\218538\218538.dll (Trojan.BHO) -> Delete on reboot.
Inficerede Registeringsdatabase Nøgler:
HKEY_CLASSES_ROOT\TypeLib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5e5efa8f-9f53-418e-b78e-44866667a404} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5e5efa8f-9f53-418e-b78e-44866667a404} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e5efa8f-9f53-418e-b78e-44866667a404} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fe345.fe345mgr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fe345.fe345mgr.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Inficerede Registeringsdatabase Værdier:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pp (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysfbtray (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysldtray (Worm.Koobface) -> Quarantined and deleted successfully.
Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)
Inficerede Mapper:
C:\Windows\System32\218538 (Trojan.BHO) -> Delete on reboot.
Inficerede Filer:
C:\Windows\pp06.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\System32\218538\218538.dll (Trojan.BHO) -> Delete on reboot.
C:\Users\Christina\AppData\Local\Temp\jopaxx_1242185825.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\freddy42.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\t55ft2668f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\t55ft3105f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\ld08.exe (Worm.Koobface) -> Quarantined and deleted successfully.
C:\Windows\9g2234wesdf3dfgjf23 (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\f5087.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\f23567.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
Combo - log
ComboFix 09-05-12.06 - Christina 13-05-2009 13:56.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.45.1030.18.2046.975 [GMT 2:00]
Kører fra: c:\users\Christina\Desktop\Spil\Virus - programmer\ComboFix.exe
AV: Symantec AntiVirus *On-access scanning disabled* (Updated)
.
((((((((((((((((((((((((((((( Filer skabt fra 2009-04-13 til 2009-05-13 )))))))))))))))))))))))))))))))))))
.
2009-05-13 09:39 . 2009-05-13 09:39 -------- d-----w c:\users\Christina\AppData\Roaming\Malwarebytes
2009-05-13 09:39 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-13 09:39 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-13 09:39 . 2009-05-13 09:39 -------- d-----w c:\programdata\Malwarebytes
2009-05-13 09:39 . 2009-05-13 09:39 -------- d-----w c:\users\All Users\Malwarebytes
2009-05-13 09:39 . 2009-05-13 09:39 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-13 09:32 . 2009-05-13 09:32 -------- d-----w c:\users\Christina\CCleaner
2009-04-28 16:20 . 2009-05-13 11:46 -------- d-----w c:\users\Christina\Tracing
2009-04-28 16:11 . 2009-02-06 16:08 55280 ----a-w c:\windows\system32\drivers\fssfltr.sys
2009-04-28 16:09 . 2009-04-28 16:09 -------- d-----w c:\program files\Microsoft Sync Framework
2009-04-28 16:03 . 2009-04-28 16:11 -------- d-----w c:\program files\Microsoft
2009-04-28 16:03 . 2009-04-28 16:03 -------- d-----w c:\program files\Windows Live SkyDrive
2009-04-28 15:54 . 2009-04-28 15:54 -------- d-----w c:\program files\Common Files\Windows Live
2009-04-17 00:03 . 2008-12-06 04:42 376832 ----a-w c:\windows\system32\winhttp.dll
2009-04-17 00:03 . 2008-06-06 03:27 562176 ----a-w c:\windows\system32\msdtcprx.dll
2009-04-17 00:03 . 2008-06-06 03:27 38912 ----a-w c:\windows\system32\xolehlp.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-13 11:53 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-05-13 11:51 . 2006-11-21 04:49 77542 ----a-w c:\windows\system32\perfc006.dat
2009-05-13 11:51 . 2006-11-21 04:49 463668 ----a-w c:\windows\system32\perfh006.dat
2009-05-13 11:42 . 2007-07-31 13:56 12 ----a-w c:\windows\bthservsdp.dat
2009-05-13 09:02 . 2008-11-28 21:30 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-13 09:02 . 2007-06-22 06:33 -------- d-----w c:\program files\Java
2009-05-13 08:49 . 2007-10-06 21:57 680 ----a-w c:\users\Christina\AppData\Local\d3d9caps.dat
2009-05-06 09:58 . 2008-11-05 14:23 130637 ----a-w c:\users\Christina\AppData\Roaming\nvModes.dat
2009-04-28 16:11 . 2008-03-12 23:49 -------- d-----w c:\program files\Windows Live
2009-03-31 13:35 . 2009-04-26 17:33 17160 ----a-w c:\windows\Help\OEM\scripts\HC_TotalCareAdvisorUpdate.exe
2009-03-30 15:30 . 2009-04-26 17:33 17160 ----a-w c:\windows\Help\OEM\scripts\HC_DanzkaDubraBIOSUpdate.exe
2009-03-17 03:38 . 2009-04-17 00:04 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-17 00:04 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-06 16:12 . 2008-04-16 13:25 21256 ----a-w c:\windows\Help\OEM\scripts\HPScript.exe
2009-03-05 11:29 . 2009-03-15 18:51 16648 ----a-w c:\windows\Help\OEM\scripts\HC_ProtectSmartPatch.exe
2009-03-03 04:46 . 2009-04-17 00:04 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-17 00:04 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:40 . 2009-04-17 00:04 827392 ----a-w c:\windows\system32\wininet.dll
2009-03-03 04:39 . 2009-04-17 00:04 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-17 00:04 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-17 00:04 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-17 00:04 78336 ----a-w c:\windows\system32\ieencode.dll
2009-03-03 04:37 . 2009-04-17 00:04 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-17 00:04 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-17 00:04 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-17 00:04 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-17 00:04 17408 ----a-w c:\windows\system32\iashost.exe
2009-03-03 02:28 . 2009-04-17 00:04 26624 ----a-w c:\windows\system32\ieUnatt.exe
2009-02-13 08:49 . 2009-04-17 00:04 72704 ----a-w c:\windows\system32\secur32.dll
2009-02-13 08:49 . 2009-04-17 00:04 1255936 ----a-w c:\windows\system32\lsasrv.dll
2008-09-24 18:17 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini
2007-07-31 19:06 . 2007-07-31 19:06 22 --sha-w c:\windows\SMINST\HPCD.sys
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-15 68856]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-05-06 202088]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-08-29 171464]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-19 2153472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-04-23 176128]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-13 159744]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"CognizanceTS"="c:\progra~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll" [2003-12-22 17920]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-22 107112]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-11-28 134808]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 111936]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-09-19 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-19 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-19 81920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="d:\xxx\iTunesHelper.exe" [2008-11-20 290088]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-13 148888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-07 44128]
c:\users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
09.jpg [2008-9-2 39715]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{B9CCBD90-D8D8-4C30-953F-D4FE1582C440}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{097EE0D1-6B64-4B58-8943-30729B56A2F5}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{1EB41F73-2CF3-4C9E-AD32-4F33AB888420}"= UDP:c:\program files\Symantec AntiVirus\Rtvscan.exe:Symantec Antivirus
"{E801BB2B-93E7-4EF5-A161-7C45A394DCC9}"= TCP:c:\program files\Symantec AntiVirus\Rtvscan.exe:Symantec Antivirus
"{A556F2E8-3D16-4110-85F0-A0E8A18264B0}"= UDP:c:\program files\Common Files\Symantec Shared\ccApp.exe:Symantec Email
"{B9BA3ADB-97C6-474A-BC6C-EB4BC1FBD4DD}"= TCP:c:\program files\Common Files\Symantec Shared\ccApp.exe:Symantec Email
"{852C344F-FF6E-4B37-AC25-7ADDD8F1C1E0}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{11428BB4-F2EC-4C18-AFDF-6709E6EBEE48}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{6569FE0E-E09D-4E64-B0A2-98BD164FCF8E}f:\\spil\\heroes\\heroes 3\\heroes of might and magic iii complete\\heroes3.exe"= UDP:f:\spil\heroes\heroes 3\heroes of might and magic iii complete\heroes3.exe:Heroes of Might and Magic® III
"UDP Query User{7424C6F0-0BFA-4D8E-BE03-1E085E7CDA9A}f:\\spil\\heroes\\heroes 3\\heroes of might and magic iii complete\\heroes3.exe"= TCP:f:\spil\heroes\heroes 3\heroes of might and magic iii complete\heroes3.exe:Heroes of Might and Magic® III
"TCP Query User{1636B3AE-2F00-408D-A945-6DFAE701A5DC}c:\\windows\\system32\\dplaysvr.exe"= UDP:c:\windows\system32\dplaysvr.exe:Hjælpeprogram til Microsoft DirectPlay
"UDP Query User{C8229C2C-C49D-42BD-9618-3EC8CEFBF243}c:\\windows\\system32\\dplaysvr.exe"= TCP:c:\windows\system32\dplaysvr.exe:Hjælpeprogram til Microsoft DirectPlay
"TCP Query User{37AB161A-BB27-47C7-9976-A85467F62A39}f:\\spil\\heroes\\heroes 3\\heroes of might and magic iii complete\\heroes3.exe"= UDP:f:\spil\heroes\heroes 3\heroes of might and magic iii complete\heroes3.exe:Heroes of Might and Magic® III
"UDP Query User{D36431F0-C55A-4F1F-A5A8-3A28DC8B9C90}f:\\spil\\heroes\\heroes 3\\heroes of might and magic iii complete\\heroes3.exe"= TCP:f:\spil\heroes\heroes 3\heroes of might and magic iii complete\heroes3.exe:Heroes of Might and Magic® III
"TCP Query User{3755614E-1A7C-4308-B943-90BBF380439A}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{24C6DC4A-E7B6-44EB-8B70-370E277199DD}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{F0BA4AEE-7FD6-4A09-8716-C251187660DF}c:\\users\\christina\\desktop\\sdu\\zattoo\\zattood.exe"= UDP:c:\users\christina\desktop\sdu\zattoo\zattood.exe:zattood.exe
"UDP Query User{64552398-9254-4252-8915-AD628458EE00}c:\\users\\christina\\desktop\\sdu\\zattoo\\zattood.exe"= TCP:c:\users\christina\desktop\sdu\zattoo\zattood.exe:zattood.exe
"TCP Query User{F73246F1-695D-4627-B8AF-3871CCEEFE48}c:\\users\\christina\\desktop\\sdu\\zattoo\\zattoo.exe"= UDP:c:\users\christina\desktop\sdu\zattoo\zattoo.exe:zattoo.exe
"UDP Query User{7BFBB7AB-D999-4AB9-88EA-39050954A0D0}c:\\users\\christina\\desktop\\sdu\\zattoo\\zattoo.exe"= TCP:c:\users\christina\desktop\sdu\zattoo\zattoo.exe:zattoo.exe
"TCP Query User{01C809C1-E808-4C1E-A9C3-ACD75E505C35}g:\\spil\\fm2008\\fm.exe"= UDP:g:\spil\fm2008\fm.exe:Football Manager 2008
"UDP Query User{7770577B-0176-40F8-A852-70F22F0433AA}g:\\spil\\fm2008\\fm.exe"= TCP:g:\spil\fm2008\fm.exe:Football Manager 2008
"TCP Query User{F6E58457-9737-4717-94B1-C567A57D9F8C}c:\\users\\christina\\desktop\\sdu\\zattoo\\zattoo.exe"= UDP:c:\users\christina\desktop\sdu\zattoo\zattoo.exe:zattoo.exe
"UDP Query User{E0E8A257-4BCF-4B6E-B632-28987FB2CA64}c:\\users\\christina\\desktop\\sdu\\zattoo\\zattoo.exe"= TCP:c:\users\christina\desktop\sdu\zattoo\zattoo.exe:zattoo.exe
"TCP Query User{E54F933C-1099-42CB-902D-6E3D27E887F7}g:\\spil\\heroes\\heroes 3\\heroes of might and magic iii complete\\heroes3.exe"= UDP:g:\spil\heroes\heroes 3\heroes of might and magic iii complete\heroes3.exe:Heroes of Might and Magic® III
"UDP Query User{6CB6BF6C-AB17-43A3-8D7E-EDD08E2AB7EA}g:\\spil\\heroes\\heroes 3\\heroes of might and magic iii complete\\heroes3.exe"= TCP:g:\spil\heroes\heroes 3\heroes of might and magic iii complete\heroes3.exe:Heroes of Might and Magic® III
"{FDFAB598-B92D-487D-AE6F-944FAEACC2A0}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{30973975-E78D-4F19-BA7C-D5837FBB5AF3}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"TCP Query User{D456C1AD-7AA4-4CAF-840E-891D15FCC7C6}c:\\users\\christina\\desktop\\heroes\\heroes 3\\heroes of might and magic iii complete\\heroes3.exe"= UDP:c:\users\christina\desktop\heroes\heroes 3\heroes of might and magic iii complete\heroes3.exe:heroes3.exe
"UDP Query User{12341949-11BD-4EE5-97C1-DD23BF3B9B3A}c:\\users\\christina\\desktop\\heroes\\heroes 3\\heroes of might and magic iii complete\\heroes3.exe"= TCP:c:\users\christina\desktop\heroes\heroes 3\heroes of might and magic iii complete\heroes3.exe:heroes3.exe
"TCP Query User{75C8038A-7752-4B81-975F-BB0C8159C661}g:\\spil\\fm2008\\fm.exe"= UDP:g:\spil\fm2008\fm.exe:Football Manager 2008
"UDP Query User{01782EE8-C48E-4A9F-A4EB-EA5865EDF034}g:\\spil\\fm2008\\fm.exe"= TCP:g:\spil\fm2008\fm.exe:Football Manager 2008
"{DCE57125-DB95-434E-9F9B-2354CCD48B2F}"= UDP:d:\xxx\iTunes.exe:iTunes
"{2DCD3FAC-EDE5-41C5-BFEE-C985274EFC24}"= TCP:d:\xxx\iTunes.exe:iTunes
"TCP Query User{993DAC93-EF0A-4D93-9F7E-042AA545E703}c:\\users\\christina\\desktop\\age of empires ii\\empires2.exe"= UDP:c:\users\christina\desktop\age of empires ii\empires2.exe:empires2.exe
"UDP Query User{6DA97B65-A907-4891-B220-8EF789490F4B}c:\\users\\christina\\desktop\\age of empires ii\\empires2.exe"= TCP:c:\users\christina\desktop\age of empires ii\empires2.exe:empires2.exe
"TCP Query User{2AD26508-F8A5-461B-BAEF-803F6B9845FD}c:\\users\\christina\\desktop\\age of empires ii\\age2_x1.exe"= UDP:c:\users\christina\desktop\age of empires ii\age2_x1.exe:age2_x1.exe
"UDP Query User{C9EEAD3D-4437-4A72-939A-3D4FBDD361B0}c:\\users\\christina\\desktop\\age of empires ii\\age2_x1.exe"= TCP:c:\users\christina\desktop\age of empires ii\age2_x1.exe:age2_x1.exe
"{12E3964E-36F8-4841-AF4B-EC6EC5C07262}"= Disabled:UDP:g:\spil\FM2009\FM2009\fm.exe:Football Manager 2009
"{75DB05F5-D67D-4A2F-A1B7-1021DA6AB515}"= Disabled:TCP:g:\spil\FM2009\FM2009\fm.exe:Football Manager 2009
"{2564D94E-B0F1-41CB-8888-6D4C20FC2969}"= UDP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009
"{169A15AA-C3A0-4F14-9E39-CAC18F72731B}"= TCP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009
"{974F4360-E7CD-49A1-9828-9456CA475D0F}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{DB0FBA35-BEE1-4352-9898-54626A2E2E9D}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"TCP Query User{829023EF-DD52-4990-A051-EF6776B50802}c:\\users\\christina\\desktop\\spil\\heroes\\heroes 3\\heroes of might and magic iii complete\\heroes3.exe"= UDP:c:\users\christina\desktop\spil\heroes\heroes 3\heroes of might and magic iii complete\heroes3.exe:heroes3.exe
"UDP Query User{87BAEC51-F183-4B35-B245-4E9EFDEA6EB9}c:\\users\\christina\\desktop\\spil\\heroes\\heroes 3\\heroes of might and magic iii complete\\heroes3.exe"= TCP:c:\users\christina\desktop\spil\heroes\heroes 3\heroes of might and magic iii complete\heroes3.exe:heroes3.exe
"{FE904C3E-C82E-42D0-AD81-065539B30122}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{5DF69C6B-A977-4528-A8DC-3E38A2AE2F21}c:\\windows\\system32\\sys32dll.exe"= UDP:c:\windows\system32\sys32dll.exe:SYS32DLL
"UDP Query User{45BABCA0-8B23-48E1-9344-0F84E045393E}c:\\windows\\system32\\sys32dll.exe"= TCP:c:\windows\system32\sys32dll.exe:SYS32DLL
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [20-09-2008 09:46 21504]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [20-09-2008 09:46 21504]
R2 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [28-04-2009 18:11 55280]
R2 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [06-02-2009 18:08 533360]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [14-01-2009 17:53 226656]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [28-02-2009 12:13 101936]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [28-11-2006 07:34 122008]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\System32\drivers\usbaapl.sys [01-10-2008 13:01 32000]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\shell\AutoRun\command - F:\RunGame.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c7eaddc-7263-11dc-a8e7-001a6bad495d}]
\shell\AutoRun\command - EXPLORER.EXE
\shell\explore\Command - EXPLORER.EXE
\shell\open\Command - EXPLORER.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{281a4bfa-3f6d-11dc-ba92-806e6f6e6963}]
\shell\AutoRun\command - E:\Setup.exe
\shell\setup\command - E:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{839b36c4-c271-11dc-a84b-001a6bad495d}]
\shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Indhold af mappen 'Planlagte Opgaver'
2009-05-13 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-07 08:39]
2009-05-12 c:\windows\Tasks\NeroLiveEpgUpdate-Christina-PC_Christina.job
- c:\nero\Nero 9\Nero Live\NeroLive.exe [2008-09-18 11:51]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DA_DK&c=73&bd=Pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Send billede til &Bluetooth-enhed... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send siden til &Bluetooth-enhed... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://logon.sdu.dk/dana-cached/sc/JuniperSetupClient.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-13 14:01
Windows 6.0.6001 Service Pack 1 NTFS
scanner skjulte processer ...
scanner skjulte autostarter ...
scanner skjulte filer ...
scanning gennemført med succes
skjulte filer: 0
**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs startet under kørende Processer ---------------------
- - - - - - - > 'winlogon.exe'(804)
c:\windows\system32\APSHook.dll
- - - - - - - > 'lsass.exe'(764)
c:\windows\system32\APSHook.dll
c:\program files\Bioscrypt\VeriSoft\bin\ASWLNPkg.dll
c:\program files\Bioscrypt\VeriSoft\bin\ItMsg.dll
- - - - - - - > 'Explorer.exe'(4572)
c:\program files\Bioscrypt\VeriSoft\Bin\ItClient.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
Gennemført tid: 2009-05-13 14:03
ComboFix-quarantined-files.txt 2009-05-13 12:03
Pre-Kørsel: 24.341.106.688 byte ledig
Post-Kørsel: 24.256.192.512 byte ledig
243 --- E O F --- 2009-05-13 11:54
Hijack - log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:08:29, on 13-05-2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\rundll32.exe
D:\xxx\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\Explorer.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DA_DK&c=73&bd=Pavilion&pf=laptop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O1 - Hosts: 200.124.131.116 casinocontroller.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\xxx\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - Startup: 09.jpg
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send billede til &Bluetooth-enhed... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send siden til &Bluetooth-enhed... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Christina\Desktop\SDU\poker\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Christina\Desktop\SDU\poker\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-jc.cab?e=1242205428221&h=56ce8bdb6d5e82089e755f530cd1aa01/&filename=jinstall-6u13-windows-i586-jc.cab
O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://logon.sdu.dk/dana-cached/sc/JuniperSetupClient.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\Windows\System32\APSHook.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 12666 bytes