Re: EXE's won't run
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:22:20, on 11-08-2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Simone\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = mitAOL | HP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = mitAOL | HP
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.0.0.134\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,Regi sterModule
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Send billede til &Bluetooth-enhed... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send siden til &Bluetooth-enhed... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll
O20 - AppInit_DLLs: C:\WINDOWS\System32\APSHook.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatisk LiveUpdate-planlægning - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 8892 bytes
ComboFix Log:
ComboFix 09-08-10.06 - Simone 11-08-2009 20:58.3.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.45.1030.18.2046.1219 [GMT 2:00]
Kører fra: c:\users\Simone\Desktop\ComboFix.exe
AV: Norton 360 *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: Norton 360 *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Dannede nyt systemgendannelsespunkt
.
((((((((((((((((((((((((((((( Filer skabt fra 2009-07-11 til 2009-08-11 )))))))))))))))))))))))))))))))))))
.
2009-08-11 19:04 . 2009-08-11 19:04 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-08-11 19:04 . 2009-08-11 19:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-08-11 18:29 . 2009-08-11 18:38 -------- d-s---w- C:\Combo-Fix
2009-08-11 16:40 . 2009-07-23 18:18 1181040 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\2009081 1.004\NAVEX32A.DLL
2009-08-11 16:40 . 2009-07-23 18:18 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\2009081 1.004\EECTRL.SYS
2009-08-11 16:40 . 2009-07-23 18:18 101936 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\2009081 1.004\ERASER.SYS
2009-08-11 16:40 . 2009-07-23 18:18 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\2009081 1.004\NAVENG32.DLL
2009-08-11 16:40 . 2009-07-23 18:18 259368 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\2009081 1.004\ECMSVR32.DLL
2009-08-11 16:40 . 2009-07-23 18:18 2414128 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\2009081 1.004\CCERASER.DLL
2009-08-11 16:40 . 2009-07-23 08:00 87888 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\2009081 1.004\NAVENG.SYS
2009-08-11 16:40 . 2009-07-23 08:00 875728 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\2009081 1.004\NAVEX15.SYS
2009-08-10 16:41 . 2009-08-10 16:41 -------- d-----w- c:\users\Simone\AppData\Roaming\Malwarebytes
2009-08-10 16:41 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-10 16:41 . 2009-08-10 16:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-10 16:41 . 2009-08-10 16:41 -------- d-----w- c:\programdata\Malwarebytes
2009-08-10 16:41 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-08 20:57 . 2009-08-08 20:57 -------- d-----w- c:\programdata\WindowsSearch
2009-08-08 18:30 . 2009-08-08 18:30 -------- d-----w- c:\windows\system32\N360_BACKUP
2009-08-08 13:19 . 2008-06-19 15:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-08-08 13:19 . 2009-08-08 13:19 -------- d-----w- c:\program files\Panda Security
2009-08-08 12:49 . 2008-04-26 08:26 891448 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-08 12:49 . 2008-04-05 01:21 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-08-08 12:49 . 2008-04-05 03:34 15360 ----a-w- c:\windows\system32\pacerprf.dll
2009-08-08 12:49 . 2008-09-18 04:56 125952 ----a-w- c:\windows\system32\wersvc.dll
2009-08-08 12:49 . 2008-09-18 04:56 147456 ----a-w- c:\windows\system32\Faultrep.dll
2009-08-08 12:49 . 2008-08-02 03:26 36864 ----a-w- c:\windows\system32\cdd.dll
2009-08-08 12:49 . 2008-08-02 01:01 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-08-08 12:49 . 2008-06-26 03:29 565248 ----a-w- c:\windows\system32\emdmgmt.dll
2009-08-08 12:49 . 2008-06-26 03:29 45056 ----a-w- c:\windows\system32\dataclen.dll
2009-08-08 12:49 . 2008-05-20 02:07 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-08-08 12:48 . 2008-05-08 21:59 90112 ----a-w- c:\windows\system32\wshext.dll
2009-08-08 12:48 . 2008-05-08 21:59 180224 ----a-w- c:\windows\system32\scrobj.dll
2009-08-08 12:48 . 2008-05-08 21:59 172032 ----a-w- c:\windows\system32\scrrun.dll
2009-08-08 12:48 . 2008-05-08 21:59 155648 ----a-w- c:\windows\system32\wscript.exe
2009-08-08 12:48 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\cscript.exe
2009-08-07 16:48 . 2009-08-07 16:48 -------- d-----w- C:\PerfLogs
2009-08-07 15:07 . 2009-07-11 19:34 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090730. 003\IDSXpx86.sys
2009-08-07 15:07 . 2009-07-11 19:34 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090730. 003\Scxpx86.dll
2009-08-07 15:07 . 2009-07-11 19:34 451960 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090730. 003\IDSxpx86.dll
2009-08-07 15:07 . 2009-07-11 19:34 293424 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090730. 003\IDSvix86.sys
2009-08-07 15:07 . 2009-07-11 19:34 397360 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090730. 003\IDSviA64.sys
2009-07-28 17:15 . 2009-07-11 19:34 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090722. 001\IDSXpx86.sys
2009-07-28 17:15 . 2009-07-11 19:34 293424 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090722. 001\IDSvix86.sys
2009-07-28 17:15 . 2009-07-11 19:34 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090722. 001\Scxpx86.dll
2009-07-28 17:15 . 2009-07-11 19:34 451960 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090722. 001\IDSxpx86.dll
2009-07-28 17:15 . 2009-07-11 19:34 397360 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090722. 001\IDSviA64.sys
2009-07-27 16:56 . 2009-07-27 16:56 -------- d-----w- c:\users\Simone\AppData\Roaming\CyberLink
2009-07-27 16:55 . 2009-07-27 16:55 -------- d-----w- c:\users\Simone\AppData\Roaming\HP
2009-07-27 11:46 . 2009-07-27 11:48 -------- d-----w- c:\users\Simone\AppData\Local\Adobe
2009-07-26 19:02 . 2009-07-26 19:14 952 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-07-26 19:02 . 2009-07-26 19:14 -------- d-----w- c:\users\Simone\AppData\Roaming\Corel
2009-07-26 18:36 . 2008-01-19 07:36 1541120 ----a-w- c:\windows\system32\onex.dll
2009-07-26 18:36 . 2008-01-19 07:33 2623488 ----a-w- c:\windows\system32\SLsvc.exe
2009-07-26 18:34 . 2008-01-19 07:36 1315328 ----a-w- c:\windows\system32\ole32.dll
2009-07-26 18:33 . 2008-01-19 07:36 418304 ----a-w- c:\windows\system32\wmdrmdev.dll
2009-07-26 18:32 . 2008-01-19 07:37 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-07-26 18:31 . 2008-01-19 07:36 71168 ----a-w- c:\windows\system32\rasman.dll
2009-07-26 18:30 . 2008-01-19 07:33 82944 ----a-w- c:\windows\system32\nslookup.exe
2009-07-26 18:29 . 2008-01-19 07:36 6656 ----a-w- c:\windows\system32\sdspres.dll
2009-07-26 18:28 . 2008-01-19 07:33 52736 ----a-w- c:\windows\system32\brcplsdw.dll
2009-07-26 18:27 . 2008-01-19 07:33 151040 ----a-w- c:\windows\system32\notepad.exe
2009-07-26 18:26 . 2009-07-26 18:26 -------- d-----w- c:\program files\Bonjour
2009-07-26 18:25 . 2008-01-19 07:35 450560 ----a-w- c:\windows\system32\msxbde40.dll
2009-07-26 18:24 . 2008-01-19 07:35 19456 ----a-w- c:\windows\system32\msisip.dll
2009-07-26 18:23 . 2008-01-19 06:01 14336 ----a-w- c:\windows\system32\tsddd.dll
2009-07-26 18:21 . 2009-07-26 18:21 -------- d-----w- c:\program files\Apple Software Update
2009-07-26 18:17 . 2008-01-19 07:34 102400 ----a-w- c:\windows\system32\wbem\mofinstall.dll
2009-07-26 18:16 . 2008-01-19 07:36 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2009-07-26 18:16 . 2008-01-19 07:36 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2009-07-26 18:16 . 2008-01-19 07:36 742912 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2009-07-26 18:16 . 2008-01-19 07:34 191488 ----a-w- c:\windows\system32\wbem\mofd.dll
2009-07-26 18:16 . 2008-01-19 07:34 263168 ----a-w- c:\windows\system32\wbem\esscli.dll
2009-07-26 18:16 . 2008-01-19 07:36 357888 ----a-w- c:\windows\system32\wbemcomn.dll
2009-07-26 18:16 . 2008-01-19 07:36 264704 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2009-07-26 18:14 . 2008-01-19 07:36 129536 ----a-w- c:\windows\system32\sqmapi.dll
2009-07-26 18:14 . 2008-01-19 07:36 139264 ----a-w- c:\windows\system32\SmiInstaller.dll
2009-07-26 18:14 . 2008-01-19 07:36 704512 ----a-w- c:\windows\system32\SmiEngine.dll
2009-07-26 18:12 . 2008-01-19 07:36 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-07-26 18:12 . 2008-01-19 07:33 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-07-26 18:10 . 2008-01-19 07:34 246784 ----a-w- c:\windows\system32\drvstore.dll
2009-07-26 18:10 . 2008-01-19 07:35 35328 ----a-w- c:\windows\system32\mspatcha.dll
2009-07-26 18:10 . 2008-01-19 07:34 305152 ----a-w- c:\windows\system32\msdelta.dll
2009-07-26 18:10 . 2008-01-19 07:34 258560 ----a-w- c:\windows\system32\dpx.dll
2009-07-26 17:37 . 2009-08-07 19:49 -------- d-----w- c:\users\Simone\AppData\Local\Apple Computer
2009-07-26 17:37 . 2009-07-26 17:37 -------- d-----w- c:\users\Simone\AppData\Roaming\Apple Computer
2009-07-26 17:34 . 2009-07-26 17:34 440152 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlig ht\MCESpotlight\SpotlightResources.dll
2009-07-26 17:20 . 2009-07-26 18:29 -------- d-----w- c:\programdata\Apple Computer
2009-07-26 17:19 . 2009-07-26 17:19 -------- d-----w- c:\users\Simone\AppData\Local\Apple
2009-07-26 16:59 . 2009-07-26 18:29 -------- d-----w- c:\program files\Common Files\Apple
2009-07-26 16:59 . 2009-07-26 16:59 -------- d-----w- c:\programdata\Apple
2009-07-25 17:06 . 2009-07-25 17:06 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-07-25 17:06 . 2009-07-25 17:06 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-07-25 17:06 . 2009-07-25 17:06 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2009-07-25 17:06 . 2009-07-25 17:06 272896 ----a-w- c:\windows\system32\polstore.dll
2009-07-25 17:05 . 2009-07-25 17:05 94720 ----a-w- c:\windows\system32\PortableDeviceClassExtension.d ll
2009-07-25 17:05 . 2009-07-25 17:05 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-07-25 17:05 . 2009-07-25 17:05 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-07-25 17:04 . 2009-07-25 17:04 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-07-25 17:04 . 2009-07-25 17:04 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-07-25 17:02 . 2009-07-25 17:02 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-07-25 17:01 . 2009-07-25 17:01 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-25 17:01 . 2009-07-25 17:01 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-07-25 17:01 . 2009-07-25 17:01 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-25 17:01 . 2009-07-25 17:01 23552 ----a-w- c:\windows\system32\lpk.dll
2009-07-25 17:01 . 2009-07-25 17:01 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-25 17:01 . 2009-07-25 17:01 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-25 17:00 . 2009-07-25 17:00 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-07-25 16:59 . 2009-07-25 16:59 296960 ----a-w- c:\windows\system32\gdi32.dll
2009-07-25 16:59 . 2009-07-25 16:59 212480 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-07-25 16:58 . 2009-07-25 16:58 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2009-07-25 16:58 . 2009-07-25 16:58 38912 ----a-w- c:\windows\system32\xolehlp.dll
2009-07-25 16:57 . 2009-07-25 16:57 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-07-25 16:57 . 2009-07-25 16:57 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-07-25 16:57 . 2009-07-25 16:57 1695744 ----a-w- c:\windows\system32\gameux.dll
2009-07-25 16:56 . 2009-07-25 16:56 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-07-25 16:55 . 2009-07-25 16:55 1191936 ----a-w- c:\windows\system32\msxml3.dll
2009-07-25 16:55 . 2009-07-25 16:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-07-25 16:51 . 2009-07-25 16:51 2048 ----a-w- c:\windows\system32\tzres.dll
2009-07-25 16:49 . 2009-07-25 16:49 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-25 16:48 . 2009-07-25 16:48 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-25 16:48 . 2009-07-25 16:48 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-25 16:45 . 2009-07-25 16:45 636928 ----a-w- c:\windows\system32\localspl.dll
2009-07-25 16:43 . 2009-07-25 16:43 2927104 ----a-w- c:\windows\explorer.exe
2009-07-25 16:41 . 2008-01-19 07:34 15872 ----a-w- c:\windows\system32\hcrstco.dll
2009-07-25 16:41 . 2006-11-02 09:46 8704 ----a-w- c:\windows\system32\hccoin.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2009-08-11 18:50 . 2006-11-21 04:49 77202 ----a-w- c:\windows\system32\perfc006.dat
2009-08-11 18:50 . 2006-11-21 04:49 463344 ----a-w- c:\windows\system32\perfh006.dat
2009-08-11 16:50 . 2009-07-23 18:55 568 ----a-w- c:\users\Simone\AppData\Roaming\wklnhst.dat
2009-08-11 10:26 . 2009-08-11 10:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_ 00.Wdf
2009-08-07 16:50 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-08-07 16:50 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-08-07 16:50 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-08-07 16:50 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-08-07 16:50 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-08-07 16:50 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-07 16:50 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-08-07 16:48 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-08-07 16:14 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-08-07 16:14 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-07-30 09:32 . 2009-07-25 16:37 27430 ----a-w- c:\users\Simone\AppData\Roaming\nvModes.dat
2009-07-27 16:55 . 2007-08-20 09:16 -------- d-----w- c:\programdata\HP
2009-07-26 18:30 . 2009-07-26 18:29 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-26 18:30 . 2009-07-26 18:29 -------- d-----w- c:\program files\iTunes
2009-07-26 18:29 . 2009-07-26 18:29 -------- d-----w- c:\program files\iPod
2009-07-26 18:25 . 2009-07-26 18:24 -------- d-----w- c:\program files\QuickTime
2009-07-24 13:44 . 2009-07-24 13:44 5031936 ----a-w- c:\windows\system32\NlsLexicons0816.dll
2009-07-24 13:30 . 2007-08-20 08:51 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-07-23 18:18 . 2009-07-23 18:19 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-07-23 18:18 . 2009-07-23 18:19 7386 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-07-23 18:17 . 2007-08-20 08:51 -------- d-----w- c:\programdata\Symantec
2009-07-23 18:03 . 2009-07-23 18:03 0 --sha-r- c:\windows\system32\drivers\103C_HP_cNB_Pavilion dv6500 Notebook PC_Y5335KV_0U_QCNF7505MN1_E445841-DH3_4A_I30D0_SQuanta_V85.24_F.25_T071129_WV3-0_L406_M2047_J160_7AMD_8F82_91.90_#090723_N10DE045 0_(KA051EA
UW)_XMOBILE_CN10_Z_2Rev 1.MRK2009-07-23 17:53 . 2009-07-23 17:53 -------- d-sh--we c:\programdata\Skrivebord
2009-07-23 17:53 . 2009-07-23 17:53 -------- d-sh--we c:\programdata\Skabeloner
2009-07-23 17:53 . 2009-07-23 17:53 -------- d-sh--we c:\programdata\Menuen Start
2009-07-23 17:53 . 2009-07-23 17:53 -------- d-sh--we c:\programdata\Favoritter
2009-07-23 17:53 . 2009-07-23 17:53 -------- d-sh--we c:\programdata\Dokumenter
2009-07-23 17:53 . 2009-07-23 17:53 -------- d-sh--we c:\program files\Fælles filer
2009-07-21 21:52 . 2009-07-29 19:01 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-29 19:01 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-29 19:01 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-29 19:01 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-11 19:34 . 2009-07-11 19:34 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\ID SXpx86.sys
2009-07-11 19:34 . 2009-07-11 19:34 293424 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\ID Svix86.sys
2009-07-11 19:34 . 2009-07-11 19:34 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Sc xpx86.dll
2009-07-11 19:34 . 2009-07-11 19:34 451960 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\ID Sxpx86.dll
2009-07-11 19:34 . 2009-07-11 19:34 397360 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\ID SviA64.sys
.
((((((((((((((((((((((((((((( SnapShot_2009-08-11_18.35.24 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-08-20 08:23 . 2009-08-11 18:45 37758 c:\windows\System32\WDI\ShutdownPerformanceDiagnos tics_SystemData.bin
+ 2006-11-02 13:05 . 2009-08-11 18:45 65722 c:\windows\System32\WDI\BootPerformanceDiagnostics _SystemData.bin
+ 2009-07-23 17:58 . 2009-08-11 18:45 7254 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4192116215-2757282675-2967604751-1000_UserData.bin
- 2009-08-11 18:07 . 2009-08-11 18:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Lo cal\lastalive1.dat
+ 2009-08-11 18:42 . 2009-08-11 18:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Lo cal\lastalive1.dat
+ 2009-08-11 18:42 . 2009-08-11 18:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Lo cal\lastalive0.dat
- 2009-08-11 18:07 . 2009-08-11 18:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Lo cal\lastalive0.dat
+ 2006-11-02 10:33 . 2009-08-11 18:50 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-08-11 18:15 587178 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-08-11 18:50 101250 c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2009-08-11 18:15 101250 c:\windows\System32\perfc009.dat
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-19 2153472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-04-23 176128]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-13 159744]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2007-08-20 77824]
"CognizanceTS"="c:\progra~1\BIOSCR~1\VeriSoft\Bin\ ASTSVCC.dll" [2003-12-22 17920]
"Corel Photo Downloader"="c:\program files\Corel\Corel Snapfire\Corel Photo Downloader.exe" [2006-08-04 462336]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-09 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-09 8433664]
"NvMediaCenter"="c:\windows\system32\NvMcTray. dll" [2007-07-09 81920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-07 44128]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Hurtigstart.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\FirewallRules]
"{74FBF85F-9FB0-4CAB-A008-F649DC4F8779}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{0F175ECB-2122-43AE-88B0-4E1B548F92F7}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{2E2EC380-6ADD-41A9-AD3A-4BDB300D61CC}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{A0BCB1D4-C68E-452D-87B4-BD2FEFCDED8E}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{204B5DD4-3262-4FEC-AD30-8026F401E2E0}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{3EAC24AF-45D5-4CE8-9E8C-060E985CF4ED}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{4579E3C5-7A5A-4813-A873-7CB91CEBC31A}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 pavboot;pavboot;c:\windows\System32\drivers\pavboo t.sys [08-08-2009 15:19 28544]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\N360\030000 0.086\SymEFA.sys [23-07-2009 20:18 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\drivers\N360\0300000.08 6\BHDrvx86.sys [23-07-2009 20:18 258608]
R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\N360\0300000. 086\cchpx86.sys [23-07-2009 20:18 482352]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090730. 003\IDSvix86.sys [07-08-2009 17:07 293424]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [26-07-2009 20:29 21504]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [26-07-2009 20:29 21504]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe [23-07-2009 20:18 115560]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [24-07-2009 11:58 101936]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\drivers\N360\0300000.08 6\symndisv.sys [23-07-2009 20:18 39984]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSe tup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DA_DK&c=73&bd=Pavilion &pf=laptop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DA_DK&c=73&bd=Pavilion &pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: Send billede til &Bluetooth-enhed... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send siden til &Bluetooth-enhed... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
************************************************** ************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-08-11 21:04
Windows 6.0.6001 Service Pack 1 NTFS
scanner skjulte processer ...
scanner skjulte autostarter ...
scanner skjulte filer ...
scanning gennemført med succes
skjulte filer: 0
************************************************** ************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N 360]
"ImagePath"="\"c:\program files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.0.0.134\diMaster.dll\" /prefetch:1"
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ***\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs startet under kørende Processer ---------------------
- - - - - - - > 'lsass.exe'(740)
c:\program files\Bioscrypt\VeriSoft\bin\ASWLNPkg.dll
c:\program files\Bioscrypt\VeriSoft\bin\ItMsg.dll
- - - - - - - > 'Explorer.exe'(1536)
c:\windows\system32\APSHook.dll
c:\program files\Bioscrypt\VeriSoft\Bin\ItClient.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\ieframe.dll
.
Gennemført tid: 2009-08-11 21:07
ComboFix-quarantined-files.txt 2009-08-11 19:07
ComboFix2.txt 2009-08-11 18:37
ComboFix3.txt 2009-08-08 20:31
Pre-Kørsel: 121.043.808.256 byte ledig
Post-Kørsel: 120.692.158.464 byte ledig
322 --- E O F --- 2009-08-08 20:43
Linear Mode
