Notifikationer

Markér alle som læst Log ud

keld10 Nybegynder

16. maj 2009 - 19:45 Der er 5 kommentarer

Gennemgang af logfiles

Hvis der er nogen der vil gennemgå mine logfiles, vil jeg være meget taknemlig.

Malwarebytes' Anti-Malware 1.36
Database version: 2142
Windows 5.1.2600 Service Pack 3

16-05-2009 18:42:38
mbam-log-2009-05-16 (18-42-37).txt

Skan type: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 126563
Tid tilbagelagt: 38 minute(s), 27 second(s)

Inficerede Hukommelses Processer: 1
Inficerede Hukommelses Moduler: 1
Inficerede Registeringsdatabase Nøgler: 78
Inficerede Registeringsdatabase Værdier: 6
Inficerede Registeringsdatabase Filer: 3
Inficerede Mapper: 34
Inficerede Filer: 165

Inficerede Hukommelses Processer:
C:\Documents and Settings\Ejer\Application Data\pcdefender.exe (Rogue.PCDefender) -> Unloaded process successfully.

Inficerede Hukommelses Moduler:
C:\WINDOWS\ieocx.dll (Trojan.BHO) -> Delete on reboot.

Inficerede Registeringsdatabase Nøgler:
HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\wininetapp.wininet (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{b360243e-09e8-402f-8721-00b6798089ad} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4b66e1df-4de3-4cda-83b5-11673eadab0b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9692be2f-eb8f-49d9-a11c-c24c1ef734d5} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{39fc2065-c9c7-49cd-8942-44cc2dedc844} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{39fc2065-c9c7-49cd-8942-44cc2dedc844} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39fc2065-c9c7-49cd-8942-44cc2dedc844} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\wininetapp.wininet.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8292078f-f6e9-412b-8eb1-360c05c5ece5} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2447e305-5e90-42a8-bd1e-0bc333b807e1} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{50d2fdcc-2707-49cb-8223-7fe0424909aa} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{878ce013-7ba9-4650-a78c-b2234c0c1648} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a5b6fa30-d317-41ca-9cb1-c898d3c7f34e} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc19a5f2-b4ad-41d5-a5c9-0680904c1483} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{abec1835-3181-4abd-8dde-875aec4df6d2} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0af9a087-0cbf-46b2-9dc9-52d0d16b5ab6} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{69725738-cd68-4f36-8d02-8c43722ee5da} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-cd68-4f36-8d02-8c43722ee5da} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WinPC Defender (Rogue.WinPCDefender) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\zangosa (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Zango (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.clientdetector (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.clientdetector.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.userprofiles (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.userprofiles.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\wallpaper.wallpapermanager (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\wallpaper.wallpapermanager.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\zango (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.BHO) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Værdier:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysav (Rogue.PCDefender) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\zango 10.3.75.0 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\don't load\scui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\don't load\wscui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Filer:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Inficerede Mapper:
C:\Programmer\Zango (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Programmer\Zango\bin (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Programmer\Zango\bin\10.3.75.0 (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Programmer\Zango\bin\10.3.75.0\firefox (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Programmer\Zango\bin\10.3.75.0\firefox\extensions (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Programmer\Zango\bin\10.3.75.0\firefox\extensions\components (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Programmer\Zango\bin\10.3.75.0\firefox\extensions\plugins (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\ShoppingReport\cs\res1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Programmer\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Programmer\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Programmer\ShoppingReport\Bin\2.5.0 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\IESkins (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\HostOI (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\HostOI\dynamic (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\HostOI\static (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\HostOL (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\HostOL\dynamic (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\HostOL\static (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\ustat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad (Adware.Zango) -> Quarantined and deleted successfully.

Inficerede Filer:
C:\Documents and Settings\Ejer\Application Data\pcdefender.exe (Rogue.PCDefender) -> Quarantined and deleted successfully.
C:\WINDOWS\ieocx.dll (Trojan.BHO) -> Delete on reboot.
C:\System Volume Information\_restore{2A7740E7-0EB8-428E-BD39-F370C9F353B4}\RP204\A0042392.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2A7740E7-0EB8-428E-BD39-F370C9F353B4}\RP204\A0042394.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2A7740E7-0EB8-428E-BD39-F370C9F353B4}\RP204\A0042395.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2A7740E7-0EB8-428E-BD39-F370C9F353B4}\RP204\A0042396.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2A7740E7-0EB8-428E-BD39-F370C9F353B4}\RP204\A0042397.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Programmer\Zango\bin\10.3.75.0\arrow.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Programmer\Zango\bin\10.3.75.0\copyright.txt (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Programmer\Zango\bin\10.3.75.0\HostOL.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Programmer\Zango\bin\10.3.75.0\link.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Programmer\Zango\bin\10.3.75.0\Wallpaper.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Programmer\Zango\bin\10.3.75.0\WeSkin.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Programmer\Zango\bin\10.3.75.0\firefox\extensions\chrome.manifest (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Programmer\Zango\bin\10.3.75.0\firefox\extensions\install.rdf (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Programmer\Zango\bin\10.3.75.0\firefox\extensions\components\npclntax.xpt (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Programmer\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAAbout.mht (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAau.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAEula.mht (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA_kyf.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\1.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\1224397.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\122795.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\2883915.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\3404705.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\356563.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\499697.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\domains.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\104622 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\21669 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\250532 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\271110 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\27414 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\31638 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\32075 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\36834 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\37207 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\455745 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\45820 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\516030 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\53813 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\592018 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\59231 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\59287 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\59844 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\59872 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\66855 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\67464 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\69201 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\69866 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\82292 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\91551 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\93921 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\dynamic\ustat\37f4.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\avatar.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\btntrans.idx (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\btntrans1.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\buttondir.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\components.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\cursors.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\default.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_511745-514279.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-ca.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-us.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_categorize.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_comparison.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_explorer-Mails.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_explorer-people.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_favorites.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_Games.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_Hide.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_hotbarcom.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_Hotmail.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_hsskin.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_jemster.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_jemsterie.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_jemsteruk.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_jobsearch.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_Mails.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_MobileSidewalk.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_new.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_premium.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_reun.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_ringtones.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_SearchBoxTrapper.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_searchfor.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_searchgo.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_weather.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Default_yellowpages.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_1000.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_2000.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_3000.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_bar.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_bbar1.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_logos.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_other.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\d_icons_weather.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\editblbuttons.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\email-def-511724-548964.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\email-def-511724-9595.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\email-t1-bg.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\icons2.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\ie_games_icon.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\ie_video.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\keywords.idx (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\keywords1.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\layout.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\linkpathlegal.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\progress.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\sales_buttons.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\sdfmodifier.xml (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\s_icons_buttons.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\t2_bg.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\theweb.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\top7.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\Top7_theweb.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\tsd_bg.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\zango_btn.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\1\zango_ie_menu.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\avatar.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans1.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\buttondir.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\cursors.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\default.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_1000.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_2000.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_3000.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bar.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_logos.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_other.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_weather.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\editblbuttons.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\email-t1-bg.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\icons2.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_games_icon.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_video.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords1.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\layout.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\linkpathlegal.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\progress.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\sales_buttons.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\sdfmodifier.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\s_icons_buttons.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\t2_bg.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\top7.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\tsd_bg.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_btn.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_ie_menu.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Skrivebord\WinPC Defender.LNK (Rogue.WinPCDefender) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ejer\Menuen Start\WinPC Defender.LNK (Rogue.WinPCDefender) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.

ComboFix 09-05-15.08 - Ejer 16-05-2009 19:02.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.45.1030.18.894.550 [GMT 2:00]
Kører fra: c:\documents and settings\Ejer\Skrivebord\Oprydning\ComboFix.exe
AV: Norman Security Suite *On-access scanning enabled* (Updated) {EB9EFB40-AE72-4C43-B204-0FCD0E92D5F1}
.

((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\All Users\Menuen Start\Programmer\Zango
c:\documents and settings\All Users\Menuen Start\Programmer\Zango\Reset Cursor.lnk
c:\documents and settings\All Users\Menuen Start\Programmer\Zango\Weather.lnk
c:\documents and settings\All Users\Menuen Start\Programmer\Zango\Zango Customer Support Center.lnk
c:\documents and settings\All Users\Menuen Start\Programmer\Zango\Zango Games!.lnk
c:\documents and settings\All Users\Menuen Start\Programmer\Zango\Zango Library.lnk
c:\documents and settings\All Users\Menuen Start\Programmer\Zango\Zango Screensavers!.lnk
c:\documents and settings\All Users\Menuen Start\Programmer\Zango\Zango Uninstall Instructions.lnk
c:\documents and settings\All Users\Menuen Start\Programmer\Zango\Zango Videos!.lnk
c:\documents and settings\Ejer\Application Data\WeatherDPA
c:\documents and settings\Ejer\Application Data\WeatherDPA\Weather\WeatherStartup.xml
c:\windows\system32\UACuirrlrysqtkdwfr.dat
c:\windows\system32\UACyiwpjirsxqtcpqb.log

----- BITS: Mulige inficerede internetsteder -----

hxxp://pornproductions09.com
.
((((((((((((((((((((((((((((( Filer skabt fra 2009-04-16 til 2009-05-16 )))))))))))))))))))))))))))))))))))
.

2009-05-16 15:54 . 2009-05-16 15:54 -------- d-----w c:\documents and settings\Ejer\Application Data\Malwarebytes
2009-05-16 15:54 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-16 15:54 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-16 15:54 . 2009-05-16 15:54 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-16 15:54 . 2009-05-16 15:54 -------- d-----w c:\programmer\Malwarebytes' Anti-Malware
2009-05-16 15:01 . 2009-05-16 15:02 6853096 ----a-w C:\SpyHunter-Compact-OS.exe
2009-05-16 15:01 . 2009-05-16 15:01 -------- d-----w c:\programmer\Enigma Software Group
2009-05-16 12:21 . 2009-05-16 15:18 -------- d--h--w C:\$AVG8.VAULT$
2009-05-16 12:12 . 2009-05-16 15:27 -------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-05-12 18:51 . 2009-05-12 18:51 -------- d-----w c:\programmer\MSECache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-16 16:46 . 2008-11-29 14:36 -------- d-----w c:\programmer\Steam
2009-05-16 16:45 . 2008-04-11 10:18 -------- d-----w c:\programmer\Norman
2009-05-16 13:48 . 2008-08-29 19:24 -------- d-----w c:\programmer\ScandicBookmakers.com
2009-05-16 09:03 . 2009-03-26 19:12 -------- d-----w c:\programmer\Norton Security Scan
2009-05-16 08:52 . 2009-05-16 08:52 43 ----a-w c:\documents and settings\Ejer\Application Data\~ygw.tmp
2009-05-16 08:51 . 2008-03-26 18:16 47880 ----a-w c:\documents and settings\Ejer\Lokale indstillinger\Application Data\GDIPFONTCACHEV1.DAT
2009-05-02 10:24 . 2008-04-11 10:44 -------- d-----w c:\programmer\PartyGaming
2009-04-17 08:06 . 2004-08-27 12:00 76586 ----a-w c:\windows\system32\perfc006.dat
2009-04-17 08:06 . 2004-08-27 12:00 424910 ----a-w c:\windows\system32\perfh006.dat
2009-04-08 16:02 . 2009-03-26 19:13 -------- d-----w c:\programmer\Fælles filer\Symantec Shared
2009-03-19 15:08 . 2009-03-19 15:08 499712 ----a-w c:\windows\system32\msvcp71.dll
2009-03-19 15:08 . 2009-03-19 15:08 348160 ----a-w c:\windows\system32\msvcr71.dll
2009-03-09 15:13 . 2009-03-09 15:13 0 ----a-w c:\documents and settings\Ejer\temp.dat
2009-03-09 12:42 . 2009-03-09 12:43 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-06 14:20 . 2004-08-27 12:00 284672 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:11 . 2004-08-27 12:00 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-20 17:12 . 2004-08-27 12:00 78336 ----a-w c:\windows\system32\ieencode.dll
.

((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\programmer\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"swg"="c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-10 68856]
"Steam"="c:\programmer\Steam\Steam.exe" [2008-11-29 1410296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Norman ZANDA"="c:\programmer\Norman\Npm\Bin\ZLH.EXE" [2009-02-11 187504]
"QuickTime Task"="c:\programmer\QuickTime\qttask.exe" [2008-05-27 413696]
"iTunesHelper"="c:\programmer\iTunes\iTunesHelper.exe" [2008-06-02 267048]
"Adobe Reader Speed Launcher"="c:\programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SunJavaUpdateSched"="c:\programmer\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-04-17 16143872]
"SMSERIAL"="sm56hlpr.exe" - c:\windows\sm56hlpr.exe [2006-01-20 544768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0"
"UpdatesDisableNotify"="0"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmer\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmer\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"c:\\Programmer\\iTunes\\iTunes.exe"=
"c:\\Programmer\\Steam\\SteamApps\\common\\football manager 2009\\fm.exe"=
"c:\\Programmer\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [27-02-2006 16:00 34880]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [20-02-2006 17:01 29056]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [17-03-2009 08:26 55152]
R2 NVOY;Norman Resource Provider;c:\programmer\Norman\Npm\Bin\nvoy.exe [04-06-2008 14:54 126008]
R2 SeaPort;SeaPort;c:\programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [14-01-2009 18:53 226656]
R3 Scheduler;Norman Scheduler Service;c:\programmer\Norman\Npm\Bin\scheduler.exe [12-05-2009 19:29 130104]
R4 Ndiskio;Ndiskio;\??\c:\programmer\Norman\Nse\bin\NDISKIO.SYS --> c:\programmer\Norman\Nse\bin\NDISKIO.SYS [?]
R4 NPROSEC;Norman Security driver;c:\programmer\Norman\ngs\bin\nprosec.sys [12-05-2009 19:29 53816]
S3 fsssvc;Windows Live Family Safety;c:\programmer\Windows Live\Family Safety\fsssvc.exe [06-02-2009 19:08 533360]
S3 NVCScheduler;Norman Virus Control Scheduler;"c:\programmer\Norman\Npm\Bin\Nvcsched.exe" --> c:\programmer\Norman\Npm\Bin\Nvcsched.exe [?]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [13-06-2008 21:35 30464]

--- Andre Services/Drivers i Hukommelsen ---

*Deregistered* - mchInjDrv
*Deregistered* - NGS
.
Indhold af mappen 'Planlagte Opgaver'

2009-02-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmer\Apple Software Update\SoftwareUpdate.exe [2007-08-29 11:34]

2009-05-16 c:\windows\Tasks\Norton Security Scan for Ejer.job
- c:\programmer\Norton Security Scan\Nss.exe [2009-03-13 18:20]
.
- - - - TOMME GENVEJE FJERNET - - - -

HKLM-Run-POEngine - (no file)

.
------- Yderligere scanning -------
.
uStart Page = www.bold.dk/
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - c:\programmer\PartyGaming\PartyCasino\RunApp.exe
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\programmer\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.sparoj.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-16 19:04
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ...

scanner skjulte autostarter ...

scanner skjulte filer ...

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'winlogon.exe'(600)
c:\windows\system32\Ati2evxx.dll
.
Gennemført tid: 2009-05-16 19:05
ComboFix-quarantined-files.txt 2009-05-16 17:05

Pre-Kørsel: 101.636.231.168 byte ledig
Post-Kørsel: 101.639.565.312 byte ledig

WindowsXP-KB310994-SP2-Home-BootDisk-DAN.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer

148 --- E O F --- 2009-05-13 19:32

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:29:25, on 16-05-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programmer\Norman\Npm\Bin\eLogsvc.exe
C:\Programmer\Norman\Ngs\Bin\Nprosec.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Norman\Npm\Bin\Zanda.exe
C:\Programmer\Norman\npm\bin\nvoy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\o2flash.exe
C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Programmer\Norman\Npm\Bin\scheduler.exe
C:\Programmer\Norman\Npm\Bin\Njeeves.exe
C:\WINDOWS\System32\alg.exe
C:\Programmer\Norman\Nse\Bin\NSESVC.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\sm56hlpr.exe
C:\Programmer\Norman\Npm\Bin\ZLH.EXE
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\Steam\Steam.exe
C:\Programmer\Windows Live\Contacts\wlcomm.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\Norman\Nvc\Bin\Nip.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Windows Live\Toolbar\wltuser.exe
C:\Programmer\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bold.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmer\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmer\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmer\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmer\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Programmer\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "C:\Programmer\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Programmer\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Programmer\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programmer\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programmer\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.sparoj.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab?e=1236602387532&h=039f46481cfea886250bc50f9e35942c/&filename=jinstall-6u12-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programmer\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Programmer\Norman\Npm\Bin\eLogsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: Norman NJeeves - Norman ASA - C:\Programmer\Norman\Npm\Bin\Njeeves.exe
O23 - Service: Norman ZANDA - Norman ASA - C:\Programmer\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Security service (NPROSECSVC) - Norman ASA - C:\Programmer\Norman\Ngs\Bin\Nprosec.exe
O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Programmer\Norman\Nse\Bin\NSESVC.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programmer\Norman\Nvc\Bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - C:\Programmer\Norman\Npm\Bin\Nvcsched.exe (file missing)
O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Programmer\Norman\npm\bin\nvoy.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
O23 - Service: Norman Scheduler Service (Scheduler) - Norman ASA - C:\Programmer\Norman\Npm\Bin\scheduler.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10185 bytes

Synes godt om

Computer Hjælp (Gratis) Mester

16. maj 2009 - 20:15 #1

[Malwarbytes] + [Combox] fik jo nappet en del 'snavs' - derefter lidt oprydning ->

Afinstaller

* Google Software Updater
* Apple Mobile Device
* iPod-tjeneste (iPod Service)

via
[Start][Indstilninger][Kontrolpanel][Tilføj/fjern programmer]

Genstart for at fuldføre afinstalationen...

------------------------------------------------------------------------

Kør en scanning med Hijackthis,
Du får herunder nogle filer, som du skal fixe. Det, du skal gøre, er at sætte et flueben ud for disse filer. Når du har gjort det, så lukker du alle andre vinduer ned. Det er meget vigtigt at det eneste vindue, som er åbent er HijackThis vinduet. Husk også at lukke dette vindue, når du har markeret filerne. Nu må du fixe. Klik på Fix checked.

Det er disse, som skal fixes:

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [swg] C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Programmer\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Programmer\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)

O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programmer\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programmer\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe

Genstart normalt...

------------------------------------------------------------------------

Check hos WindowsUpdate for opdateringer; du mangler bla. IE8 + efterfølgende opdateringer...

------------------------------------------------------------------------

Registreringsdatabase oprydning kan anbefales ->
http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm (Specielt punktet [Register]...)
http://www.ccleaner.com/download/builds/downloading-slim
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller *NEJ* til den.

http://vistaguide.dk/?Artikler/CCleaner-GuideTilOptimeringAfVista/763

------------------------------------------------------------------------

Hvordan kører PC'en så nu ?

Synes godt om

keld10 Nybegynder

16. maj 2009 - 20:43 #2

Kan det passe, at jeg ikke har google software updater og Ipod-tjeneste, fordi jeg kan ikke finde dem??

Synes godt om

Computer Hjælp (Gratis) Mester

16. maj 2009 - 20:54 #3

(Dem napper vi senere - behøver nemlig ikke at bruge resouser/kræfter fra din PC...)

Synes godt om

keld10 Nybegynder

16. maj 2009 - 21:37 #4

Kun ikke finde O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe i scanning med Hijackthis. Er det et problem? Computeren kører som ny. Rigtig mange gange tak.

Synes godt om

Computer Hjælp (Gratis) Mester

23. maj 2009 - 22:19 #5

Der er ikke mere 'snavs' ifølge din Log...

Du er velkommen en anden gang...

Efter sådan en tur er det altid en god ide og rydde op i systemgendannelsesfilerne.
Deaktiver systemgendannelse -> http://www.spywareinfo.dk/#/tip-og-tricks/deaktiver_systemgendannelse.htm
Genstart din computer - aktiver systemgendannelse. Dette gøres samme sted, hvor du deaktiverede, denne gang skal du blot aktivere.
Det vil også være en god idé manuelt at oprette et nyt punkt, som du kan navngive, og vende tilbage til, hvis du skulle få problemer af nogen art.

Safe Surfing...

--------------

Synes godt om

Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Følg dette spørgsmål

Opret Preview

Se alle it-kurser fra Computerworld Kurser

IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel	Indlæg	Oprettet	Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus	22	26/11/202510:42	23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus	8	31/08/202519:08	01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus	10	03/02/202514:20	04/02/202511:05
mulig ukendt virus Af jackie18 i Virus	3	18/01/202514:07	18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus	13	18/01/202511:40	20/01/202517:53

Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten

Seneste artiklerRSS

27/12

AI er blevet forretningskritisk: Her er de fem skift, der definerer 2026

26/12

Nørgaard: Jeg har sparet MANGE penge for jer

24/12

AI-lab #17: Jeg mistede en af mine AI-superkræfter – men fandt en endnu stærkere en midt i juletravlheden

23/12

Dansk pensionskæmpe køber op i hemmelighedsfuld it-komet fra Aalborg

23/12

Vil publicere millioner af hackede sange fra Spotify: Enhver vil kunne lave sin egen version af musiktjenesten, advarer eksperter

23/12

Hackerangreb rammer dansk a-kasse med 86.000 medlemmer: Cpr-numre og personlige oplysninger i fare for misbrug

23/12

Fransk postvæsen ramt af omfattende cyberangreb midt i juleræset

23/12

Investeringerne i datacentre slår alle rekorder - så mange milliarder bruges der i år

23/12

Flygiganten Airbus vil flytte sin kritiske it-systemer til en suveræn europæisk cloud: På vej med stort udbud

23/12

Vil du have fuldt udbytte af AI, så skal du lære dette nye begreb

23/12

Film: Too rich to care

Vis flere artikler

IT-JOB

FOA

To Full Stack udviklere til digitalisering der gør en forskel

TV2

Erfaren Software Engineer til Audience Management & Permission

Politiets Efterretningstjeneste

Teknisk stærk senior IT-projektleder til PET

Politiets Efterretningstjeneste

Sektionsleder til DevOps i PET

Politi

Skab fremtidens AI-teknologi til politiet og gør en reel forskel i samfundet

Vis flere jobs

Seneste spørgsmål Seneste aktivitet

I går 22:02	Låse brugt iPad op Af drstein i iOS, iPhone & iPad
I går 19:21	Hvor finder jeg en oversigt over mine spørgsmål Af KurtG i Hjælp og fejl
I går 11:31	TP-Link Wifi extender opsat som accesspoint giver 50% up- og download, Af Uvanga i Wifi
26/1213:05	Hvorfor bliver tiff-filer større ved konvertering til samme format Af KurtG i Billedbehandling
23/1221:36	Gøre Ikonerne lidt større i proceslinjen (Windows 10) Af Ikke-ekspert i Windows

White papers

Revolutionér kundeoplevelsen med AI og automatisering
Sabio
Udnyt Genesys Cloud CX optimalt og styrk kundeoplevelsen
Sabio
Undgå at printeren bliver svageste led i sikkerheden
Konica Minolta
IT i front: Sådan bliver netværk en strategisk driver
TDC Erhverv

Flere white papers »