Keld Nielsen Professor
30 May 2010 - 11:54 There are 10 comments and 2 solutions

Antispyware Soft

I have been attacked by Antispyware Soft - and have, by various routes, worked my way toward having "almost" removed it.

But my computer freezes once in a while - and I think there may still be lingering damage from the attack.

Since I run Vista64, I have used dds.scr to produce a printout of the status, which is below.

Is there still any "dirt" that needs to be removed?


DDS (Ver_10-03-17.01) - NTFSX64 
Run by Keld at  8:36:58,36 on 30-05-2010
Internet Explorer: 8.0.6001.18904 BrowserJavaVersion: 1.6.0_20
Microsoft® Windows Vista™ Ultimate  6.0.6002.2.1252.45.1033.18.12285.8994 [GMT 2:00]

AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning disabled* (Updated)  {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
E:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
E:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
e:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe
E:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
E:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\SysWOW64\astsrv.exe
E:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Spyware Doctor\pctsTray.exe
C:\Users\Keld\AppData\Local\Temp\DCOM.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
E:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Windows\system32\CISVC.EXE
C:\Windows\SysWOW64\fsproflt.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\system32\nlsInterface.exe
E:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
e:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
C:\Program Files (x86)\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe
c:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Wacom_Tablet.exe
e:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Windows\System32\TUProgSt.exe
C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\WTablet\Wacom_TabletUser.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Wacom_Tablet.exe
E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
E:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
E:\Program Files (x86)\Stardock\ObjectDock\Dock64.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
e:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
E:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe
e:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe
e:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
E:\Program Files\Raxco\PerfectDisk10\PerfectDisk.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\dllhost.exe
C:\Windows\system32\dllhost.exe
C:\Windows\System32\msdtc.exe
C:\progra~2\micros~3\office12\outlook.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Keld\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = about:blank
uSearch Bar = Preserve
mStart Page = hxxp://www.nixat.com/
mLocal Page = c:\windows\syswow64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - e:\program files (x86)\techsmith\snagit 9\SnagitBHO.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files (x86)\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files (x86)\spyware doctor\bdt\PCTBrowserDefender.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files (x86)\canon\easy-webprint ex\ewpexbho.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - e:\program files (x86)\spybot - search & destroy\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: ChromeFrame BHO: {ecb3c477-1a0a-44bd-bb57-78f9efe34fa7} - c:\program files (x86)\google\chrome frame\application\5.0.375.62\npchrome_frame.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files (x86)\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - e:\program files (x86)\techsmith\snagit 9\SnagitIEAddin.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files (x86)\canon\easy-webprint ex\ewpexhlp.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files (x86)\spyware doctor\bdt\PCTBrowserDefender.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files (x86)\canon\easy-webprint ex\ewpexhlp.dll
uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background
uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [AdobeBridge] "c:\program files (x86)\adobe\adobe bridge cs5\Bridge.exe" -stealth
uRun: [<NO NAME>] c:\users\keld\appdata\local\temp\DCOM.exe
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
mRun: [<NO NAME>] c:\users\keld\appdata\local\temp\DCOM.exe
mRun: [LVCOMSX] "c:\program files (x86)\common files\logishrd\lcommgr\LVComSX.exe"
mRun: [Google Quick Search Box] "c:\program files (x86)\google\quick search box\GoogleQuickSearchBox.exe"  /autorun
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [IJNetworkScanUtility] "c:\program files (x86)\canon\canon ij network scan utility\CNMNSUT.exe"
mRun: [SwitchBoard] "c:\program files (x86)\common files\adobe\switchboard\SwitchBoard.exe"
mRun: [AdobeCS5ServiceManager] "c:\program files (x86)\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [Malwarebytes' Anti-Malware] "e:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [ISTray] "c:\program files (x86)\spyware doctor\pctsTray.exe"
StartupFolder: c:\users\keld\appdata\roaming\micros~1\windows\startm~1\programs\startup\stardo~1.lnk - e:\program files (x86)\stardock\objectdock\ObjectDock.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\google~1.lnk - c:\program files (x86)\google\google calendar sync\GoogleCalendarSync.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\logite~1.lnk - e:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\logoca~1.lnk - e:\program files (x86)\gretagmacbeth\i1\eye-one match 3\calibrationloader\CalibrationLoader.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\profil~1.lnk - e:\program files (x86)\gretagmacbeth\i1\eye-one match 3\ProfileReminder.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\sendcr~1.lnk - c:\windows\installer\{0c3bb61c-f28a-4865-b851-27d473d0d0dc}\NewShortcut1.CC6BC988_E897_4B98_94B4_10417EFCE47E.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki ... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - e:\program files (x86)\spybot - search & destroy\SDHelper.dll
Trusted Zone: danid.dk
Trusted Zone: danskebank.dk
DPF: {07E8D22D-C723-485C-BE6F-003241549305} - hxxp://extcom.esoft.dk/extern/3d/eplan.cab
DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} - hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} - hxxps://danid.dk/csp/authenticode/csp.exe
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - hxxp://www.photodex.com/pxplay.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E6BB2089-163F-466B-812A-748096614DFD} - hxxp://cainternetsecurity.net/scanner/cascanner.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\program files (x86)\google\chrome frame\application\5.0.375.62\npchrome_frame.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files (x86)\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
AppInit_DLLs: e:\progra~1\dvdxst~1\dvdxut~1.83\dvdghost\DVDGHO~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
SEH: ExecuteHooker Class: {569dac0f-2791-46ab-8efc-a54b77c04c20} - e:\program files (x86)\dvd x studios\dvd x utilities 2.83\dvdghost\ExecuteHooker.dll
mASetup: {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} - c:\program files (x86)\pixiepack codec pack\InstallerHelper.exe
{00C6482D-C502-44C8-8409-FCE54AD9C208}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB-X64: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}
{472734EA-242A-422B-ADF8-83D1E48CC825}
EB-X64: {21347690-EC41-4F9A-8887-1F4AEE672439} - No File
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun-x64: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun-x64: [CanonSolutionMenu] "c:\program files (x86)\canon\solutionmenu\CNSLMAIN.exe" /logon
mRun-x64: [RtHDVCpl] c:\program files\realtek\audio\hda\RAVCpl64.exe -s
mRun-x64: [AdobeAAMUpdater-1.0] "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
STS-X64: {E31004D1-A431-41B8-826F-E902F9D95C81}: Windows DreamScene
Hosts: 127.0.0.1    www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\users\keld\appdata\roaming\mozilla\firefox\profiles\8h1cw50v.default\
FF - component: c:\program files (x86)\adobe\adobe contribute cs5\plugins\firefoxplugin\{01a8ca0a-4c96-465b-a49b-65c46fad54f9}\components\Contribute.dll
FF - component: c:\users\keld\appdata\roaming\mozilla\firefox\profiles\8h1cw50v.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\users\keld\appdata\roaming\mozilla\firefox\profiles\8h1cw50v.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - plugin: c:\program files (x86)\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files (x86)\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files (x86)\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files (x86)\microsoft\office live\npOLW.dll
FF - plugin: c:\program files (x86)\photodex presenter\npPxPlay.dll
FF - plugin: c:\program files (x86)\vistacodecpack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files (x86)\vistacodecpack\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\keld\appdata\local\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\users\keld\program files (x86)\dna\plugins\npbtdna.dll
FF - plugin: c:\windows\syswow64\macromed\flash\NPSWF32.dll
FF - plugin: e:\program files (x86)\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: e:\program files (x86)\mozilla firefox\plugins\npContribute.dll
FF - plugin: e:\program files (x86)\opera 10.10 beta\program\plugins\np_gp.dll
FF - plugin: e:\program files (x86)\opera 10.10 beta\program\plugins\npqtplugin.dll
FF - plugin: e:\program files (x86)\opera 10.10 beta\program\plugins\npqtplugin2.dll
FF - plugin: e:\program files (x86)\opera 10.10 beta\program\plugins\npqtplugin3.dll
FF - plugin: e:\program files (x86)\opera 10.10 beta\program\plugins\npqtplugin4.dll
FF - plugin: e:\program files (x86)\opera 10.10 beta\program\plugins\npqtplugin5.dll
FF - plugin: e:\program files (x86)\opera 10.10 beta\program\plugins\npqtplugin6.dll
FF - plugin: e:\program files (x86)\opera 10.10 beta\program\plugins\npqtplugin7.dll
FF - plugin: e:\program files (x86)\opera 10.10 beta\program\plugins\NPSWF32.dll
FF - plugin: e:\program files (x86)\quicktime\plugins\npqtplugin.dll
FF - plugin: e:\program files (x86)\quicktime\plugins\npqtplugin2.dll
FF - plugin: e:\program files (x86)\quicktime\plugins\npqtplugin3.dll
FF - plugin: e:\program files (x86)\quicktime\plugins\npqtplugin4.dll
FF - plugin: e:\program files (x86)\quicktime\plugins\npqtplugin5.dll
FF - plugin: e:\program files (x86)\quicktime\plugins\npqtplugin6.dll
FF - plugin: e:\program files (x86)\quicktime\plugins\npqtplugin7.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - e:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - e:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - e:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",  1600);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight",      2);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize",      1);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",  25);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",    5);
e:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
e:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
e:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
e:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
e:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
e:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
e:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
e:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
e:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
e:\program files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
e:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
e:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
e:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
e:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
e:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
e:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
e:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
e:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
e:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
e:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
e:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
e:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2008-1-21 25480]
R0 FSProFilter;FSPro File Filter;c:\windows\system32\drivers\FSPFltd.sys [2009-5-24 55440]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-5-17 68640]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [2010-5-29 218056]
R0 PxHlpa64;PxHlpa64;c:\windows\system32\drivers\PxHlpa64.sys [2009-4-19 55280]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\drivers\tdrpm258.sys [2009-11-7 1477728]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-4-18 89680]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;e:\program files (x86)\adobe\photoshop elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;e:\program files (x86)\adobe\elements organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-6 169312]
R2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\common files\acronis\cdp\afcdpsrv.exe [2009-11-7 2480048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-4-18 22096]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-4-18 65616]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-4-18 138680]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\spyware doctor\bdt\BDTUpdateService.exe [2010-5-29 112592]
R2 BsMobileCS;BsMobileCS;e:\program files (x86)\ivt corporation\bluesoleil\BsMobileCS.exe [2008-6-4 143467]
R2 fsproflt;FSPro Filter Service;c:\windows\syswow64\fsproflt.exe [2009-5-24 73392]
R2 MBAMService;MBAMService;e:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe [2010-5-25 304464]
R2 nlscc;Nalpeiron X64 Service;c:\windows\system32\nlsInterface.EXE [2009-12-5 72192]
R2 PowerSave;PowerSave Service;c:\program files (x86)\packard bell\software suite\powersave\PSPBSSS.exe [2009-4-6 1002016]
R2 SBSDWSCService;SBSD Security Center Service;e:\program files (x86)\spybot - search & destroy\SDWinSec.exe [2009-5-17 1153368]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\spyware doctor\pctsAuxs.exe [2010-5-29 365280]
R2 sdCoreService;PC Tools Security Service;c:\program files (x86)\spyware doctor\pctsSvc.exe [2010-5-29 1141712]
R2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2009-5-28 3647272]
R2 TomTomHOMEService;TomTomHOMEService;e:\program files (x86)\tomtom home 2\TomTomHOMEService.exe [2009-11-13 92008]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesService64.exe [2009-10-30 1353544]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [2009-11-7 251488]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-4-18 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-4-18 352920]
R3 GenericMount;Generic Mount Driver;c:\windows\system32\drivers\GenericMount.sys [2009-9-21 54320]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-1-21 31752]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-5-25 24664]
R3 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2006-11-2 8704]
R3 SymSnapService;SymSnapService;e:\program files (x86)\norton ghost\shared\drivers\SymSnapServicex64.exe [2009-9-21 2963960]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2010-1-24 18216]
S2 clr_optimization_v4.0.21006_32;Microsoft .NET Framework NGEN v4.0.21006_X86;c:\windows\microsoft.net\framework\v4.0.21006\mscorsvw.exe [2009-10-7 129856]
S2 clr_optimization_v4.0.21006_64;Microsoft .NET Framework NGEN v4.0.21006_X64;c:\windows\microsoft.net\framework64\v4.0.21006\mscorsvw.exe [2009-10-7 138560]
S2 GEST Service;GEST Service for program management.;c:\program files (x86)\gigabyte\energysaver\GSvr.exe [2009-4-18 68136]
S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2009-10-5 133104]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 288112]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2009-6-17 34440]
S3 EyeOneDisplay;EyeOneDisplay;c:\windows\system32\drivers\i1display_x64.sys [2009-4-20 7808]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\common files\macrovision shared\flexnet publisher\FNPLicensingService64.exe [2009-4-19 1038088]
S3 FontCache;Tjenesten Windows-skrifttypecache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 27648]
S3 GenericMount Helper Service;GenericMount Helper Service;e:\program files (x86)\norton ghost\shared\drivers\GenericMountHelper.exe [2009-9-21 1571336]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\lavasoft\ad-aware\AAWService.exe [2009-1-18 1029456]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl64.sys [2009-8-28 21504]
S3 PerfHost;Vært for DLL-ydelsestæller;c:\windows\syswow64\perfhost.exe [2008-1-21 19968]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;e:\program files\sisoftware\sisoftware sandra professional business 2009.sp3c\RpcAgentSrv.exe [2009-5-23 98488]
S3 SeqCal;SeqCal;c:\windows\system32\drivers\SeqCal.sys [2009-4-20 7808]
S3 SwitchBoard;SwitchBoard;c:\program files (x86)\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2009-8-28 49152]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework64\v4.0.21006\wpf\WPFFontCache_v0400.exe [2009-10-7 1007448]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-9-11 89920]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2009-3-30 427880]

============== File Associations ===============

JSEFile=c:\windows\syswow64\WScript.exe "%1" %*

=============== Created Last 30 ================

2010-05-29 06:06:03    0    d-----w-    c:\program files (x86)\common files\PC Tools
2010-05-29 06:06:02    0    d-----w-    c:\users\keld\appdata\roaming\PC Tools
2010-05-29 06:06:02    0    d-----w-    c:\programdata\PC Tools
2010-05-29 06:06:02    0    d-----w-    c:\program files (x86)\Spyware Doctor
2010-05-28 15:57:21    0    d-----w-    c:\programdata\CA
2010-05-28 06:28:16    0    d-----w-    c:\program files (x86)\ESET
2010-05-26 15:16:25    2048    ----a-w-    c:\windows\syswow64\tzres.dll
2010-05-26 15:16:25    2048    ----a-w-    c:\windows\system32\tzres.dll
2010-05-25 15:00:29    0    d-----w-    c:\users\keld\appdata\roaming\Malwarebytes
2010-05-25 15:00:17    0    d-----w-    c:\programdata\Malwarebytes
2010-05-25 15:00:16    24664    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-05-25 14:25:06    0    d-----w-    c:\windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2010-05-24 11:03:39    65536    --sha-w-    c:\users\keld\ntuser.dat{02fe1a0f-6722-11df-a2c6-0011670eb82c}.TM.blf
2010-05-24 11:03:39    524288    --sha-w-    c:\users\keld\ntuser.dat{02fe1a0f-6722-11df-a2c6-0011670eb82c}.TMContainer00000000000000000002.regtrans-ms
2010-05-24 11:03:39    524288    --sha-w-    c:\users\keld\ntuser.dat{02fe1a0f-6722-11df-a2c6-0011670eb82c}.TMContainer00000000000000000001.regtrans-ms
2010-05-24 10:05:00    0    d-----w-    c:\program files (x86)\Panda Security
2010-05-23 18:45:20    0    d-sh--w-    c:\users\keld\Configurações locais
2010-05-23 18:45:13    0    d-----w-    c:\windows\XSxS
2010-05-23 18:45:13    0    d-----w-    c:\program files (x86)\Xenocode
2010-05-23 15:08:32    0    d-----w-    c:\users\keld\appdata\roaming\Artisteer
2010-05-23 10:27:16    0    d-----w-    c:\program files (x86)\common files\Nikon(661)
2010-05-23 10:27:11    0    d-----w-    c:\program files (x86)\FotoWare(662)
2010-05-22 13:29:39    0    d-----w-    c:\program files (x86)\PixiePack Codec Pack
2010-05-22 13:29:18    0    d-----w-    c:\programdata\RapidSolution
2010-05-12 19:27:48    0    d-----w-    c:\users\keld\appdata\roaming\Adobe Mini Bridge CS5
2010-05-12 19:27:47    0    d-----w-    c:\users\keld\appdata\roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-05-12 15:40:14    46112    ----a-w-    c:\windows\system32\drivers\tbhsd.sys
2010-05-12 05:34:07    974848    ----a-w-    c:\windows\system32\inetcomm.dll
2010-05-12 05:34:07    738816    ----a-w-    c:\windows\syswow64\inetcomm.dll
2010-05-09 10:14:23    0    d-----w-    c:\users\keld\appdata\roaming\PACE Anti-Piracy
2010-05-09 10:14:23    0    d-----w-    c:\programdata\PACE Anti-Piracy
2010-05-08 16:51:26    0    d-----w-    c:\users\keld\.eclipse
2010-05-08 12:07:15    0    d-----w-    c:\users\keld\Adobe Flash Builder 4
2010-05-08 11:43:15    0    d-----w-    c:\program files (x86)\My Company Name
2010-05-06 06:40:59    0    d-----w-    c:\users\keld\Logitech
2010-05-06 06:40:27    0    d-----w-    c:\program files (x86)\common files\Remote Control Software Common
2010-05-06 06:39:58    0    d-----w-    c:\program files (x86)\common files\Remote Control USB Driver
2010-05-03 19:38:15    0    d-----w-    c:\programdata\regid.1986-12.com.adobe
2010-05-02 08:15:50    0    d-----w-    c:\users\keld\appdata\roaming\NVIDIA
2010-05-01 19:04:09    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_GenericMount_01009.Wdf
2010-05-01 19:04:08    0    ---ha-w-    c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-05-01 19:03:49    3    ----a-w-    c:\windows\system32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
2010-05-01 19:03:48    654928    ----a-w-    c:\windows\system32\drivers\Wdf01000.sys
2010-05-01 19:03:48    42064    ----a-w-    c:\windows\system32\drivers\WdfLdr.sys
2010-05-01 19:03:48    4052    ----a-w-    c:\windows\system32\wbem\Wdf01000.mof
2010-05-01 19:03:48    118    ----a-w-    c:\windows\system32\wbem\Wdf01000Uninstall.mof
2010-05-01 18:56:40    154168    ----a-w-    c:\windows\system32\drivers\WimFltr.sys
2010-05-01 18:56:18    170032    ----a-w-    c:\windows\system32\drivers\symsnap.sys
2010-05-01 18:55:59    20528    ----a-w-    c:\windows\system32\drivers\vproeventmonitor.sys
2010-05-01 18:55:55    0    d-----w-    c:\program files (x86)\common files\Symantec Shared
2010-05-01 18:55:51    0    d-----w-    c:\programdata\{1C6FDDD8-FC9E-4C12-9FA5-1AAD377097B3}
2010-05-01 17:02:04    4096    --sha-w-    C:\VSNAP.IDX
2010-05-01 15:32:50    0    d-----w-    c:\users\keld\appdata\roaming\Symantec
2010-05-01 14:50:24    511328    ----a-w-    c:\windows\syswow64\capicom.dll
2010-05-01 14:50:23    0    d-----w-    c:\program files (x86)\Symantec
2010-05-01 14:49:37    18224    ----a-w-    c:\windows\system32\drivers\GEARAspiWDM.sys
2010-05-01 14:49:37    124208    ----a-w-    c:\windows\system32\GEARAspi64.dll
2010-05-01 14:49:37    109360    ----a-w-    c:\windows\syswow64\GEARAspi.dll
2010-05-01 14:48:57    0    d-----w-    c:\programdata\Symantec
2010-04-30 11:32:50    0    d-----w-    c:\programdata\Raxco

==================== Find3M  ====================

2010-05-30 06:31:24    579680    ----a-w-    c:\windows\system32\perfh006.dat
2010-05-30 06:31:24    123448    ----a-w-    c:\windows\system32\perfc006.dat
2010-05-30 06:24:57    24072    ----a-w-    c:\windows\gdrv.sys
2010-05-30 06:24:33    35565    ----a-w-    c:\programdata\nvModes.dat
2010-05-22 13:34:16    51200    ----a-w-    c:\windows\inf\infpub.dat
2010-05-22 13:34:16    143360    ----a-w-    c:\windows\inf\infstrng.dat
2010-05-22 13:34:15    143360    ----a-w-    c:\windows\inf\infstor.dat
2010-05-12 09:21:16    270208    ------w-    c:\windows\system32\MpSigStub.exe
2010-04-21 17:35:16    525792    ----a-w-    c:\windows\DIFxAPI.dll
2010-04-16 15:32:41    455680    ----a-w-    c:\windows\system32\deployJava1.dll
2010-04-16 15:31:08    411368    ----a-w-    c:\windows\syswow64\deployJava1.dll
2010-04-16 15:31:08    153376    ----a-w-    c:\windows\syswow64\javaws.exe
2010-04-16 15:31:08    145184    ----a-w-    c:\windows\syswow64\javaw.exe
2010-04-16 15:31:08    145184    ----a-w-    c:\windows\syswow64\java.exe
2010-04-12 11:26:26    265992    ----a-w-    c:\windows\system32\PDBoot.exe
2010-04-07 04:22:04    138256    ----a-w-    c:\windows\system32\drivers\DefragFs.sys
2010-04-03 16:42:00    159336    ----a-w-    c:\windows\system32\nvvsvc.exe
2010-04-03 16:42:00    14828648    ----a-w-    c:\windows\system32\nvcpl.dll
2010-04-03 16:42:00    116328    ----a-w-    c:\windows\system32\nvmctray.dll
2010-04-03 16:42:00    1067624    ----a-w-    c:\windows\system32\nvsvc64.dll
2010-03-16 14:35:38    15688    ----a-w-    c:\windows\system32\lsdelete.exe
2010-03-05 14:32:42    612864    ----a-w-    c:\windows\system32\vbscript.dll
2010-03-05 14:01:02    420352    ----a-w-    c:\windows\syswow64\vbscript.dll
2010-03-05 08:13:40    947472    ----a-w-    c:\windows\syswow64\msjava.dll
2010-03-04 15:27:14    411480    ----a-w-    c:\windows\syswow64\tsccvid.dll
2009-11-17 17:02:03    665600    ----a-w-    c:\windows\inf\drvindex.dat
2009-04-18 20:55:57    36364    ----a-w-    c:\windows\inf\perflib\0406\perfd.dat
2009-04-18 20:55:57    36364    ----a-w-    c:\windows\inf\perflib\0406\perfc.dat
2009-04-18 20:55:57    300302    ----a-w-    c:\windows\inf\perflib\0406\perfi.dat
2009-04-18 20:55:57    300302    ----a-w-    c:\windows\inf\perflib\0406\perfh.dat
2008-01-21 03:21:14    174    --sha-w-    c:\program files\desktop.ini
2008-01-21 03:21:14    174    --sha-w-    c:\program files (x86)\desktop.ini
2006-11-02 15:14:32    30674    ----a-w-    c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 15:14:32    30674    ----a-w-    c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 15:14:32    287440    ----a-w-    c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 15:14:32    287440    ----a-w-    c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 10:52:12    287440    ----a-w-    c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:52:12    287440    ----a-w-    c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:52:10    30674    ----a-w-    c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:52:10    30674    ----a-w-    c:\windows\inf\perflib\0000\perfc.dat
2009-05-12 13:25:19    245760    --sha-w-    c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-11-06 07:20:07    245760    --sha-w-    c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

============= FINISH:  8:38:23,96 ===============
30 May 2010 - 12:03 #1
In any case, you need to upgrade your old AVAST4 to AVAST5
http://www.avast.com/uninstall-utility
http://www.spywarefri.dk/download/avast-antivirus-home-edition/

---

Carry out this 'package' ->

Download and install CCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/manual-for-installation-og-brug-af-ccleaner/
During installation you will be offered [Yahoo Toolbar]. You can say yes or *NO* to it.
http://vistaguide.dk/?Artikler/CCleaner-GuideTilOptimeringAfVista/763
Let the program perform a cleanup...

--------

Download Malwarebytes Anti-Malware from here:
http://www.besttechie.net/tools/mbam-setup.exe

Install the program - once that is done, let the program update itself. A window then opens, where you should move the dot to "Run a complete system scan" - click the Scan button - let the program work. When it is finished (it takes a while depending on how much you have on the computer).
Then - press the "Show results" button after the scan - and then press "Remove selected" - the log now opens and you should save it somewhere you can find it again.
Copy the contents in here together with a fresh log from HiJackThis...

...and here is the HiJackThis mentioned ->
http://www.spywareinfo.dk/index.htm#/manualer/hijackthis.htm

Note that the HiJackThis.exe program must be saved in a folder created for it and NOT run directly from the net...

PS: Use this version of HJT -> http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe

Re: Vista/Win7 - right mouse button - "Run as Administrator..."

------------------
Keld Nielsen Professor
30 May 2010 - 12:49 #2
I have replaced Avast with version 5

The rest has been run - both CCleaner and Malwarebytes

and here is a new run from HiJackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:47:30, on 30-05-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
E:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Spyware Doctor\pctsTray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Users\Keld\AppData\Local\Temp\DCOM.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
e:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
E:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\SysWOW64\astsrv.exe
E:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
E:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Windows\SysWOW64\fsproflt.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
E:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
C:\Program Files (x86)\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe
c:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
e:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
E:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
C:\Users\Keld\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nixat.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - E:\Program Files (x86)\TechSmith\SnagIt 9\SnagitBHO.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - e:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\5.0.375.62\npchrome_frame.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - E:\Program Files (x86)\TechSmith\SnagIt 9\SnagitIEAddin.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [] C:\Users\Keld\AppData\Local\Temp\DCOM.exe
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe"  /autorun
O4 - HKLM\..\Run: [IJNetworkScanUtility] "C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"
O4 - HKLM\..\Run: [SwitchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "e:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [ISTray] "C:\Program Files (x86)\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AdobeBridge] "C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth
O4 - HKCU\..\Run: [] C:\Users\Keld\AppData\Local\Temp\DCOM.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETVÆRKSTJENESTE')
O4 - Startup: Stardock ObjectDock.lnk = E:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Logo Calibration Loader.lnk = E:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe
O4 - Global Startup: ProfileReminder.lnk = E:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
O4 - Global Startup: Send Crash Reports to FotoWare.lnk = ?
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - e:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - e:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: *.danskebank.dk
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\5.0.375.62\npchrome_frame.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: e:\PROGRA~1\DVDXST~1\DVDXUT~1.83\DVDGhost\DVDGHO~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - e:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - E:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\Windows\system32\astsrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BlueSoleilCS - Unknown owner - E:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: BsHelpCS - Unknown owner - E:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - E:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: FSPro Filter Service (fsproflt) - FSPro Labs - C:\Windows\SysWOW64\fsproflt.exe
O23 - Service: GenericMount Helper Service - Symantec - E:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MBAMService - Malwarebytes Corporation - e:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron X64 Service (nlscc) - Unknown owner - C:\Windows\system32\nlsInterface.exe (file missing)
O23 - Service: Norton Ghost - Symantec Corporation - E:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - e:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - e:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
O23 - Service: PowerSave Service (PowerSave) - Packard Bell Services - C:\Program Files (x86)\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - e:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2009.SP3c\RpcAgentSrv.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - E:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ScsiAccess - Unknown owner - c:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: SymSnapService - Symantec - E:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe
O23 - Service: TabletServiceWacom - Unknown owner - C:\Windows\system32\Wacom_Tablet.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - e:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 19505 bytes
30 May 2010 - 13:04 #3
I would like to see the log from [Malwarebytes] ...
Keld Nielsen Professor
30 May 2010 - 15:58 #4
As you can see - nothing to note!:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18904

28-05-2010 21:44:00
mbam-log-2010-05-28 (21-44-00).txt

Skanningstype: Fuldstændig skanning (C:\|E:\|)
Objekter skannet: 944191
Tid gået: 1 time(e), 30 minut(ter), 1 sekund(er)

Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 0
Registreringsdatabaseværdier Inficeret: 0
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabaseværdier Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)

Inficerede Mapper:
(Ingen skadelige objekter blev fundet)

Inficerede Filer:
(Ingen skadelige objekter blev fundet)
Keld Nielsen Professor
30 May 2010 - 16:09 #5
With Spyware Doctor I get the following error:

30-05-2010 16:05:30:699    
Infektion renset
Trussel Navn - Application.TrackingCookies
Type - Cookie
Risiko niveau - Lav
Infektion - track.adform.net/ track.adform.net
30-05-2010 16:05:30:700    
Infektion renset
Trussel Navn - Application.TrackingCookies
Type - Cookie
Risiko niveau - Lav
Infektion - track.adform.net/ track.adform.net
30-05-2010 16:05:30:700    
Infektion renset
Trussel Navn - Application.TrackingCookies
Type - Cookie
Risiko niveau - Lav
Infektion - hit.gemius.pl/ hit.gemius.pl
30 May 2010 - 17:22 #6
I will leave it to others to assess the [dds.scr] log...

---
Keld Nielsen Professor
30 May 2010 - 17:53 #7
What about the one from HiJackThis - does it tell you nothing!
30 May 2010 - 18:22 #8
Offhand, I don't like this one ->

O4 - HKLM\..\Run: [] C:\Users\Keld\AppData\Local\Temp\DCOM.exe

But I would like to hear others' opinions first!
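
Added example (not part of the thread, and not code from HijackThis): a small parser for the `O4` registry autorun lines of a HijackThis log that flags the two properties of the entry singled out in reply #8, an empty value name and an executable under a Temp directory. Both heuristics and all function names are assumptions made for this illustration; the sample lines are copied from the log in reply #2.

```python
import re
from typing import NamedTuple, Optional

# Lines copied from the HijackThis log posted in reply #2 of this thread.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [] C:\Users\Keld\AppData\Local\Temp\DCOM.exe
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [AdobeBridge] "C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth
O4 - HKCU\..\Run: [] C:\Users\Keld\AppData\Local\Temp\DCOM.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')
O4 - Startup: Stardock ObjectDock.lnk = E:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
'''

# "O4 - <hive>\..\<key>: [<value name>] <command line>"
O4_RUN_RE = re.compile(
    r'^O4 - (?P<hive>HK[^:]*?)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$'
)
# Unquoted commands: take everything up to the first executable extension.
EXE_RE = re.compile(r'^(.+?\.(?:exe|com|scr|bat|cmd|pif))(?=\s|$)', re.IGNORECASE)
# Assumed heuristic: a path component named Temp/Tmp, or the %TEMP% variable.
TEMP_RE = re.compile(r'(?:\\te?mp\\|%te?mp%)', re.IGNORECASE)


class RunEntry(NamedTuple):
    hive: str       # e.g. HKLM, HKCU, HKUS\S-1-5-19
    key: str        # e.g. Run
    name: str       # registry value name, may be empty
    path: str       # executable extracted from the command line
    reasons: tuple  # heuristics that fired, empty if none


def executable_of(command: str) -> str:
    """Return the executable part of an autorun command line."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    match = EXE_RE.match(command)
    if match:
        return match.group(1)
    parts = command.split()
    return parts[0] if parts else ""


def parse_o4_run(line: str) -> Optional[RunEntry]:
    """Parse one O4 registry autorun line; return None for any other line."""
    match = O4_RUN_RE.match(line.strip())
    if not match:
        return None
    path = executable_of(match.group("cmd"))
    reasons = []
    if match.group("name").strip() == "":
        reasons.append("empty value name")
    if TEMP_RE.search(path):
        reasons.append("executable under a Temp directory")
    return RunEntry(match.group("hive"), match.group("key"),
                    match.group("name"), path, tuple(reasons))


def triage(log_text: str) -> list:
    """Return the autorun entries for which at least one heuristic fired."""
    flagged = []
    for line in log_text.splitlines():
        entry = parse_o4_run(line)
        if entry is not None and entry.reasons:
            flagged.append(entry)
    return flagged


if __name__ == "__main__":
    for entry in triage(SAMPLE_LOG):
        print(f"{entry.hive}\\..\\{entry.key} [{entry.name}] {entry.path}")
        for reason in entry.reasons:
            print(f"    - {reason}")
```

A flagged entry is a prompt to inspect the file and its origin, not a verdict; installers and updaters also start programs from Temp directories.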
patrick14 Beginner
31 May 2010 - 14:18 #9
When it comes to dds, I would recommend that you ask at www.spywarefri.dk/forum
Keld Nielsen Professor
16 June 2010 - 08:22 #10
post some answers - so I can get the question closed!

-formatted ;-(
patrick14 Beginner
16 June 2010 - 11:25 #11
Ping
16 June 2010 - 11:50 #12
Ping2 ...