Enya

13. juli 2009

MBAM

Klikk for å se/fjerne innholdet nedenfor

Malwarebytes' Anti-Malware 1.38

Databaseversjon: 2420

Windows 5.1.2600 Service Pack 2

13.07.2009 19:02:55

mbam-log-2009-07-13 (19-02-55).txt

Skanntype: Rask Skann

Objekter skannet: 98689

Tid tilbakelagt: 6 minute(s), 4 second(s)

Minneprosesser infisert: 0

Minnemoduler infisert: 0

Registernøkler infisert: 1

Registerverdier infisert: 0

Registerfiler infisert: 2

Mapper infisert: 0

Filer infisert: 0

Minneprosesser infisert:

(Ingen mistenkelige filer funnet)

Minnemoduler infisert:

(Ingen mistenkelige filer funnet)

Registernøkler infisert:

HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.

Registerverdier infisert:

(Ingen mistenkelige filer funnet)

Registerfiler infisert:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Mapper infisert:

(Ingen mistenkelige filer funnet)

Filer infisert:

(Ingen mistenkelige filer funnet)

Combofix

Klikk for å se/fjerne innholdet nedenfor

ComboFix 09-07-12.03 - Rolf Vidar 13.07.2009 19:23.1.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.47.1044.18.1023.515 [GMT 2:00]

Kjører fra: c:\documents and settings\Rolf Vidar\Skrivebord\ComboFix.exe

AV: Norman Security Suite *On-access scanning disabled* (Updated) {EB9EFB40-AE72-4C43-B204-0FCD0E92D5F1}

AV: Norton AntiVirus 2006 *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norman Security Suite *disabled* {83B29CE9-9DE2-2CB5-9AB3-780D70FF12B0}

FW: Norton Internet Worm Protection *enabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

.

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\Installer\2634ceb.msp

.

((((((((((((((((((((((((((( Filer Opprettet Fra 2009-06-13 til 2009-07-13 )))))))))))))))))))))))))))))))))

.

2009-07-13 16:54 . 2009-06-17 09:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-07-13 16:52 . 2009-07-13 16:52 -------- d-----w- c:\documents and settings\Rolf Vidar\Programdata\Malwarebytes

2009-07-13 16:50 . 2009-07-13 16:50 -------- d-----w- c:\documents and settings\All Users\Programdata\Malwarebytes

2009-07-13 16:50 . 2009-07-13 16:55 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware

2009-07-13 16:50 . 2009-06-17 09:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-07-01 19:02 . 2009-07-01 19:02 -------- d-----w- c:\programfiler\Innovative Solutions

2009-06-28 17:37 . 2009-06-28 19:25 -------- d-----w- c:\documents and settings\Rolf Vidar\Programdata\FileZilla

2009-06-28 17:37 . 2009-06-28 17:37 -------- d-----w- c:\programfiler\FileZilla FTP Client

2009-06-24 16:46 . 2009-06-24 16:46 -------- d-----w- c:\documents and settings\LocalService\Start-meny

2009-06-24 16:45 . 2008-04-16 10:57 42552 ----a-w- c:\windows\system32\drivers\ale_nf.sys

2009-06-24 16:45 . 2008-02-07 10:12 74624 ----a-w- c:\windows\system32\drivers\tdi_rd.sys

2009-06-24 16:45 . 2008-02-07 10:12 79752 ----a-w- c:\windows\system32\drivers\ndis_rd.sys

2009-06-24 16:45 . 2009-01-22 10:41 19512 ----a-w- c:\windows\system32\drivers\nvcw32mf.sys

2009-06-24 16:45 . 2008-05-16 09:28 212024 ----a-w- c:\windows\system32\nscrnsav.scr

2009-06-24 16:45 . 2009-07-13 17:14 -------- d-----w- c:\programfiler\Norman

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-07-13 16:58 . 2007-05-17 16:59 -------- d-----w- c:\programfiler\Fellesfiler\Symantec Shared

2009-07-01 19:36 . 2007-01-25 21:00 -------- d-----w- c:\documents and settings\Rolf Vidar\Programdata\Launchy

2009-07-01 19:33 . 2007-05-30 16:32 -------- d-----w- c:\programfiler\NCH Swift Sound

2009-07-01 19:30 . 2006-10-07 10:44 -------- d-----w- c:\programfiler\project dogwaffle

2009-07-01 19:27 . 2008-08-19 15:46 -------- d-----w- c:\documents and settings\All Users\Programdata\Microsoft Help

2009-07-01 19:25 . 2007-10-05 17:58 -------- d-----w- c:\programfiler\Vstep

2009-07-01 19:24 . 2006-10-25 18:39 98304 ----a-w- c:\windows\system32\CmdLineExt.dll

2009-07-01 19:04 . 2009-07-01 19:04 -------- d-----w- c:\windows\Fonts\AdvUninstal

2009-07-01 14:56 . 2006-08-22 14:02 -------- d-----w- c:\documents and settings\Rolf Vidar\Programdata\OpenOffice.org2

2009-06-26 20:08 . 2009-03-07 10:02 -------- d-----w- c:\programfiler\Data7EDS

2009-06-26 20:00 . 2007-08-24 19:24 -------- d-----w- c:\documents and settings\Rolf Vidar\Programdata\AdobeAUM

2009-06-26 19:58 . 2006-08-21 14:21 -------- d-----w- c:\programfiler\Fellesfiler\Adobe

2009-06-26 19:34 . 2006-09-01 18:16 -------- d--h--w- c:\programfiler\InstallShield Installation Information

2009-06-19 14:27 . 2001-10-09 12:00 511998 ----a-w- c:\windows\system32\perfh014.dat

2009-06-19 14:27 . 2001-10-09 12:00 105034 ----a-w- c:\windows\system32\perfc014.dat

2009-06-17 09:27 . 2009-07-13 16:51 38160 ----a-w- c:\windows\system32\drivers\is-NUREU.tmp

2009-06-17 09:27 . 2009-07-13 16:50 38160 ----a-w- c:\windows\system32\drivers\is-AA9AT.tmp

2009-05-20 08:33 . 2007-02-24 16:29 -------- d-----w- c:\programfiler\EA GAMES

2009-05-07 15:44 . 2004-08-03 23:03 344576 ----a-w- c:\windows\system32\localspl.dll

2009-04-29 04:50 . 2004-08-03 23:03 827392 ----a-w- c:\windows\system32\wininet.dll

2009-04-29 04:49 . 2004-08-03 23:03 78336 ----a-w- c:\windows\system32\ieencode.dll

2009-04-19 20:12 . 2004-08-03 22:56 1846656 ----a-w- c:\windows\system32\win32k.sys

2009-04-15 15:18 . 2004-08-03 23:03 584192 ----a-w- c:\windows\system32\rpcrt4.dll

2009-03-07 10:02 . 2009-03-07 09:57 80 --sh--r- c:\windows\system32F41EED2AD.dll

2006-09-03 11:33 . 2006-09-03 11:33 848 --sha-w- c:\windows\system32\KGyGaAvL.sys

.

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SweetIM"="c:\programfiler\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 73840]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]

"MSMSGS"="c:\programfiler\Messenger\msmsgs.exe" [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-07-26 6803456]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-07-26 86016]

"SweetIM"="c:\programfiler\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 73840]

"ccApp"="c:\programfiler\Fellesfiler\Symantec Shared\ccApp.exe" [2007-01-22 52840]

"Symantec PIF AlertEng"="c:\programfiler\Fellesfiler\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 517768]

"DAEMON Tools-1033"="c:\programfiler\D-Tools\daemon.exe" [2004-08-22 81920]

"SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2009-03-07 148888]

"Norman ZANDA"="c:\programfiler\Norman\Npm\Bin\ZLH.EXE" [2009-02-11 187504]

"NPCTray"="c:\programfiler\Norman\npc\bin\npc_tray.exe" [2007-09-17 126008]

"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2005-07-26 1519616]

"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-04-15 77824]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Programfiler\\LimeWire\\LimeWire.exe"=

"c:\\Documents and Settings\\Rolf Vidar\\Mine dokumenter\\ANNE\\Roller Coaster Tycoon 2\\rct2.exe"=

"c:\\WINDOWS\\system32\\spoolsv.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Programfiler\\MSN Messenger\\msnmsgr.exe"=

"c:\\Programfiler\\MSN Messenger\\livecall.exe"=

"c:\\Programfiler\\Mozilla Firefox\\firefox.exe"=

"c:\\Programfiler\\iTunes\\iTunes.exe"=

"c:\\Programfiler\\Mamut Home\\mamutdtx.exe"=

"c:\\Programfiler\\Mamut\\Mamut.exe"=

"c:\\Programfiler\\HP\\Diagnostic Assistant\\bin\\hprbevwr.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\Hpqdirec.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\HP Print Screen\\prnsys.exe"=

"c:\\Programfiler\\HP\\HP Software Update\\HPWUCli.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

P2 NPFSvc32;Norman Personal Firewall Service;c:\programfiler\Norman\Npf\Bin\npfsvc32.exe [24.06.2009 18:45 597104]

R0 NDIS_RD;Norman Firewall NDIS driver;c:\windows\system32\drivers\ndis_rd.sys [24.06.2009 18:45 79752]

R1 NGS;Norman General Security Driver;c:\programfiler\Norman\Ngs\Bin\ngs.sys [24.06.2009 18:45 22712]

R1 NPROSEC;Norman Security driver;c:\programfiler\Norman\Ngs\Bin\nprosec.sys [24.06.2009 18:45 53816]

R1 TDI_RD;Norman Firewall TDI driver;c:\windows\system32\drivers\tdi_rd.sys [24.06.2009 18:45 74624]

R2 Ndiskio;Ndiskio;c:\programfiler\Norman\Nse\Bin\Ndiskio.sys [24.06.2009 18:45 20448]

R2 NPROSECSVC;Norman Security service;c:\programfiler\Norman\Ngs\Bin\nprosec.exe [24.06.2009 18:45 121912]

R2 NVOY;Norman Resource Provider;c:\programfiler\Norman\Npm\Bin\nvoy.exe [24.06.2009 18:45 126008]

R2 TomTomHOMEService;TomTomHOMEService;c:\documents and settings\Rolf Vidar\Mine dokumenter\TomTom HOME 2\TomTomHOMEService.exe [08.04.2009 12:38 92008]

R3 NPC;Norman Parental Control;c:\programfiler\Norman\Npc\Bin\npcsvc32.exe [24.06.2009 18:45 416880]

R3 nsesvc;Norman Scanner Engine Service;c:\programfiler\Norman\Nse\Bin\Nsesvc.exe [24.06.2009 18:45 310328]

R3 NUAA;Norman User Activity Agent;c:\programfiler\Norman\Npc\Bin\nuaa.exe [24.06.2009 18:45 121912]

R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcw32mf.sys [24.06.2009 18:45 19512]

R3 nvcoas;Norman Virus Control on-access component;c:\programfiler\Norman\nvc\bin\Nvcoas.exe [24.06.2009 18:45 195640]

R3 Scheduler;Norman Scheduler Service;c:\programfiler\Norman\Npm\Bin\scheduler.exe [24.06.2009 18:45 130104]

S3 cxbu0wdm;CardMan 3x21;c:\windows\system32\drivers\cxbu0wdm.sys [11.07.2006 09:03 84608]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programfiler\Fellesfiler\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [26.02.2009 20:33 101936]

S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM);c:\windows\system32\drivers\sea1bus.sys [21.08.2007 20:00 61536]

S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter;c:\windows\system32\drivers\sea1mdfl.sys [27.10.2007 12:49 9360]

S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver;c:\windows\system32\drivers\sea1mdm.sys [27.10.2007 12:49 97088]

S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea1mgmt.sys [27.10.2007 12:49 88624]

S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS);c:\windows\system32\drivers\sea1nd5.sys [14.06.2008 18:12 18704]

S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface;c:\windows\system32\drivers\sea1obex.sys [27.10.2007 12:49 86432]

S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM);c:\windows\system32\drivers\sea1unic.sys [14.06.2008 18:11 90800]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\programfiler\Microsoft SQL Server\100\Shared\sqladhlp.exe [10.07.2008 17:28 47128]

S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10.07.2008 02:49 242712]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\programfiler\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [10.07.2008 17:28 369688]

--- Andre tjenester/drivere lastet i minnet ---

*Deregistered* - mchInjDrv

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

2009-06-21 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2006-10-10 16:13]

2009-07-03 c:\windows\Tasks\Norton AntiVirus - Run Full System Scan - Rolf Vidar.job

- c:\progra~1\NORTON~1\Navw32.exe [2005-09-24 10:13]

2009-07-13 c:\windows\Tasks\Se etter oppdateringer for Windows Live Toolbar.job

- c:\programfiler\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]

.

- - - - TOMME PEKERE FJERNET - - - -

HKCU-Run-msnmsgr - ~c:\programfiler\MSN Messenger\msnmsgr.exe

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://www.startsiden.no/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE: &Windows Live Search - c:\programfiler\Windows Live Toolbar\msntb.dll/search.htm

IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

LSP: c:\programfiler\Norman\npc\bin\nlf.dll

DPF: {A92E0798-BFA4-4FEE-BB48-8E2C69B2B0C5} - hxxp://www.navigram.com/engine/v812/PageDive5.cab

FF - ProfilePath - c:\documents and settings\Rolf Vidar\Programdata\Mozilla\Firefox\Profiles\he6wbpl7.default\

FF - plugin: c:\programfiler\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npitunes.dll

FF - plugin: c:\programfiler\Unity\WebPlayer\loader\npUnity3D32.dll

FF - HiddenExtension: Java Console: No Registry Reference - c:\programfiler\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\programfiler\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-07-13 19:28

Windows 5.1.2600 Service Pack 2 NTFS

skanner skjulte prosesser ...

skanner skjulte autostart-oppføringer ...

skanner skjulte filer ...

skanning vellykket

skjulte filer: 0

**************************************************************************

.

Tidspunkt ferdig: 2009-07-13 19:31

ComboFix-quarantined-files.txt 2009-07-13 17:30

Pre-Run: 10 497 204 224 byte ledig

Post-Run: 10 998 353 920 byte ledig

WindowsXP-KB310994-SP2-Pro-BootDisk-NOR.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

187 --- E O F --- 2009-06-11 20:31

Takker for hjelp

20. juni 2009

Ikke at jeg er ekspert på emnet, men slik jeg ser det har du "hindret" trafikken viss vedkomende må bremse ned for å ikke ta rompen på bilen din, og da har du vel ikke holdt vikeplikten din. Uansett om han tar framskjermen eller baken på bilen.

Mitt synstpunkt

16. juni 2009

Ja, er liksom det jeg og har hørt. :/ Har bare gjort det skriftlig, skal ta en tlf i morgen og snakke med de.

Liker ikke helt forskjellen de kjører, to kompiser av meg hadde helt lik "søknad" som meg bare ni på ryggen.. de kom ikke inn. Merkelig prioritering..

15. juni 2009

Det at man ender opp som kaffikoker, kopisjef, etc. er bare skremselspropaganda altså?

Er klar over at jeg brenner alle broer for å få fullført førsteganstjeneste, er litt surt egentlig. :/

15. juni 2009

Jeg beklager at jeg må opprette enda en "dimme" tråd, men jeg trenger noen råd.

Jeg har egentlig lyst til å fullføre førstegangstjenesten, men har ikke lyst inn nå av forskjellige grunner. Søkte derfor utsettelse pga av studier, men dette gikk selvfølgelig ikke gjennom. Jeg blir veldig irritert av sånt når jeg egentlig har lyst inn, men ikke før om ett, eller to år.

Alternativet jeg ser på nå er å gå til legen for å få attest på dårlig rygg. Dette er noe jeg faktisk har, men til daglig ikke har veldig store problemer med, merker det av og til. Legen på sesjonen gav meg 5/9 på ryggen bare ved å se på den (skeiv rygg). Han spurde om jeg slet med ryggen, og om jeg hadde legeerklæring på dette. Legeerklæring er noe jeg ikke har sett på som nødvendig tidligere da de på arbeidsplassen, gymtimer etc. har akseptert at jeg får vondt i ryggen når den blir overbelastet. Sesjonslegen sa at viss jeg hadde dokumentasjon på dårlig rygg kunne han sette meg som ikke tjenestedyktig, siden jeg ikke hadde dette ble jeg da tjenestedyktig.

Det jeg lurer på nå er om jeg skal til legen for å få erklæring på dårlig/skeiv rygg, og få dimmet militæret pga det. Er redd jeg blir satt som "kopimaskinsjef", eller noe i den duren. Hva tror folk?

Det som er fryktelig irriterende er at jeg lett hadde fullført om jeg fikk ta det om ett, eller to år, men jeg får jo ikke fullført viss jeg søker fritak grunnet dårlig rygg.. Er som sagt flere grunner til dette, men VPV godtok ikke de.

15. juni 2009

Aasen og Knudsen sitt arbeid går vel mer under språkhistorie, jeg har kun om litteraturhistorien, men det skal nok nevenes

1970-1900 var nå en merkelig måte å dele det opp på. Da stopper du jo midt i nyromantikken (1890-1905).

Jeg sitter og lurer på om jeg skal gå for noe som "Den viktigste litterære epoken?" Og grunngje det med at i starten av denne epoken var kvinnene "bundet fast til kjøkkenet", men i slutten av epoken hadde mange av de jobb i industrien og det var mulig å ta utdanning.

Konklusjonen vil allikvel ende opp med "tja" siden f.eks krigslitteraturen spilte en viktig rolle for veldig mangen også..

Dette vil kanskje være enda mer aktuelt for deg enn for meg, siden du slipper unna romantikken?

Flere tips mottas med takk

15. juni 2009

Jeg trenger sårt noen tips til en god problemstilling som dekker hele denne perioden. Hadde perioden vert avgrenset til én litterær periode hadde det ikke vert så vanskelig, men jeg må jo innom romantikken, realismen og naturalismen.

Eneste jeg har komt på er å se nærmere på overgangene, "hvorfor og hvordan", men føler det blit litt for enkelt.

Noen som har forslag til en god problemstilling?

Takker og bukker for tips

4. juni 2009

Russ '09 :thumbup:

4. juni 2009

Jeg har en sterk følelse av at langsvarsoppgaven på del 1 heter " gjør rede for teknologisk bruk av induksjon"

Blir det noe sånt er jeg godt fornøyd. Problemstillingen min til prøveeksamen muntlig var ganske lik

4. juni 2009

Jeg tror Cern vil stå veldig sentralt med alt som skjer der nå Er i alle fall spådd av fysikklæreren min.

4. juni 2009

Aldri mer maskin, eller gillette høvler i mitt ansikt

Jeg ville ikke avskrevet Gillette helt enda. Hvis denne interessen tar av kommer du garantert til å saumfare ebay og andre barberfora for gamle Gillette DE-høvler fra 50-tallet (pluss minus noen tiår). Jeg har mange 50-60 år gamle høvler fra Gillette som er vel så bra som moderne saker fra Merkur. Gillette flerbladshøvler dermiot, det er en annen sak.

Pirke, pirke. Tenker du skjønte hva jeg mente Men er klart, du har helt rett.

3. juni 2009

Da var siste levering fra barbershop i hus. Kjøpt feather blader, Simpsons Commodore best badger kost og Anthony pre shave oil.

Nå gikk barberingen smertefritt, problemene jeg hadde på haken hvor det er tett skjegg er helt borte. Virker som feather blader og pre shave oil gjorde susen. Simpsons kosten er også i en helt anne klasse enn Proraso kosten av svinebust som jeg har brukt tidligere, det er rett og slett magisk deilig å smøre ut skum i ansiktet

Aldri mer maskin, eller gillette høvler i mitt ansikt

1. juni 2009

Takker for raskt svar norbat

Ser ut som det ble dedre. I utgangspunktet så var det "facebook virus" som var problemet, regner med du har hørt om dette? Er ikke min pc, men ser ut som det er bedre nå.

1. juni 2009

MBAM

Klikk for å se/fjerne innholdet nedenfor

Malwarebytes' Anti-Malware 1.37

Databaseversjon: 2201

Windows 5.1.2600 Service Pack 3

31.05.2009 19:21:48

mbam-log-2009-05-31 (19-21-48).txt

Skanntype: Rask Skann

Objekter skannet: 94957

Tid tilbakelagt: 8 minute(s), 37 second(s)

Minneprosesser infisert: 2

Minnemoduler infisert: 1

Registernøkler infisert: 15

Registerverdier infisert: 5

Registerfiler infisert: 0

Mapper infisert: 1

Filer infisert: 16

Minneprosesser infisert:

C:\Programfiler\websrvx\websrvx.exe (Trojan.Downloader) -> Unloaded process successfully.

C:\WINDOWS\mstre19.exe (Worm.KoobFace) -> Unloaded process successfully.

Minnemoduler infisert:

C:\Programfiler\GamesBar\oberontb.dll (Adware.Gamesbar) -> Delete on reboot.

Registernøkler infisert:

HKEY_CLASSES_ROOT\oberontb.band (Adware.Gamesbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{ad76633e-e50d-4844-9e7f-4dfbc7c18467} (Adware.Gamesbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{daa37aad-f156-4c2c-ac48-3c22ef92ae2f} (Adware.Gamesbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{cb0d163c-e9f4-4236-9496-0597e24b23a5} (Adware.Gamesbar) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cb0d163c-e9f4-4236-9496-0597e24b23a5} (Adware.Gamesbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cb0d163c-e9f4-4236-9496-0597e24b23a5} (Adware.Gamesbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\oberontb.band.1 (Adware.Gamesbar) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\websrvx (Trojan.Downloader) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\websrvx (Trojan.Downloader) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\websrvx (Trojan.Downloader) -> Quarantined and deleted successfully.

Registerverdier infisert:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pp (Worm.KoobFace) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysfbtray (Worm.KoobFace) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysmstray (Worm.KoobFace) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysldtray (Worm.Koobface) -> Quarantined and deleted successfully.

Registerfiler infisert:

(Ingen mistenkelige filer funnet)

Mapper infisert:

C:\Programfiler\websrvx (Trojan.Downloader) -> Quarantined and deleted successfully.

Filer infisert:

C:\WINDOWS\pp10.exe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Programfiler\GamesBar\oberontb.dll (Adware.Gamesbar) -> Delete on reboot.

c:\programfiler\websrvx\websrvx.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\WINDOWS\freddy43.exe (Worm.KoobFace) -> Quarantined and deleted successfully.

c:\WINDOWS\freddy44.exe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\WINDOWS\msmark2.dat (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\WINDOWS\mstre19.exe (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\WINDOWS\ld08.exe (Worm.Koobface) -> Quarantined and deleted successfully.

c:\WINDOWS\9g2234wesdf3dfgjf23 (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\WINDOWS\f5087.dat (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\WINDOWS\f23567.dat (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\sysloc\sysloc.dll (Trojan.BHO) -> Quarantined and deleted successfully.

c:\WINDOWS\sonce122712.dat (Worm.KoobFace) -> Quarantined and deleted successfully.

c:\WINDOWS\sonce122713.dat (Worm.KoobFace) -> Quarantined and deleted successfully.

c:\WINDOWS\sonce122739.dat (Worm.KoobFace) -> Quarantined and deleted successfully.

c:\WINDOWS\sonce123198.dat (Worm.KoobFace) -> Quarantined and deleted successfully.

Combofix

Klikk for å se/fjerne innholdet nedenfor

ComboFix 09-05-31.02 - suskol 01.06.2009 0:10.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.47.1044.18.2038.1385 [GMT 2:00]

Kjører fra: c:\documents and settings\suskol\Skrivebord\ComboFix.exe

AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

.

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr0.dat

c:\documents and settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr1.dat

c:\documents and settings\suskol\Programdata\inst.exe

c:\windows\system32\sysloc

----- BITS: Mulige infiserte sider -----

hxxp://ped-01wsus

.

((((((((((((((((((((((((((( Filer Opprettet Fra 2009-04-28 til 2009-05-31 )))))))))))))))))))))))))))))))))

.

2009-05-31 16:58 . 2009-05-31 16:58 -------- d-----w- c:\documents and settings\suskol\Programdata\Malwarebytes

2009-05-31 16:58 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-05-31 16:58 . 2009-05-31 16:58 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware

2009-05-31 16:58 . 2009-05-31 16:58 -------- d-----w- c:\documents and settings\All Users\Programdata\Malwarebytes

2009-05-31 16:58 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-05-29 22:52 . 2009-05-29 22:52 -------- d-----r- c:\documents and settings\LocalService\Favoritter

2009-05-13 07:39 . 2009-05-13 07:39 664 ----a-w- c:\windows\system32\d3d9caps.dat

2009-05-13 07:04 . 2001-10-06 12:02 5632 ----a-w- c:\windows\system32\ptpusb.dll

2009-05-13 07:04 . 2008-04-14 07:22 159232 ----a-w- c:\windows\system32\ptpusd.dll

2009-05-13 07:04 . 2008-04-13 09:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys

2009-05-13 07:04 . 2008-04-13 09:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

2009-05-11 09:28 . 2009-05-10 08:00 259368 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2d5403.vdb\ECMSVR32.DLL

2009-05-11 09:28 . 2009-02-18 19:41 2414128 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2d5403.vdb\CCERASER.DLL

2009-05-11 09:28 . 2009-02-12 23:04 876144 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2d5403.vdb\NAVEX15.SYS

2009-05-11 09:28 . 2009-02-12 23:04 89104 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2d5403.vdb\NAVENG.SYS

2009-05-11 09:28 . 2009-02-12 23:03 1181040 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2d5403.vdb\NAVEX32A.DLL

2009-05-11 09:28 . 2009-02-12 23:03 177520 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2d5403.vdb\NAVENG32.DLL

2009-05-11 09:28 . 2009-02-06 19:26 101936 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2d5403.vdb\ERASER.SYS

2009-05-11 09:28 . 2009-02-06 19:26 371248 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2d5403.vdb\EECTRL.SYS

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-05-31 22:04 . 2008-04-29 08:37 -------- d-----w- c:\programfiler\Symantec AntiVirus

2009-05-31 17:23 . 2008-11-13 09:12 -------- d-----w- c:\programfiler\GamesBar

2009-05-27 21:03 . 2008-11-05 07:20 -------- d-----w- c:\documents and settings\All Users\Programdata\FLEXnet

2009-05-27 11:30 . 2008-05-06 07:19 -------- d-----w- c:\programfiler\Clue

2009-05-06 07:16 . 2009-01-23 12:05 -------- d-----w- c:\programfiler\Google

2009-04-28 11:13 . 2008-04-09 04:10 80620 ----a-w- c:\windows\system32\perfc014.dat

2009-04-28 11:13 . 2008-04-09 04:10 445362 ----a-w- c:\windows\system32\perfh014.dat

2009-04-28 11:12 . 2008-04-08 12:52 69696 ----a-w- c:\documents and settings\Administrator\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT

2009-04-28 11:11 . 2009-04-01 11:44 69696 ----a-w- c:\documents and settings\suskol\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT

2009-04-28 11:01 . 2008-04-08 11:25 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat

2009-03-06 14:24 . 2008-04-09 04:10 284160 ----a-w- c:\windows\system32\pdh.dll

2009-03-03 00:16 . 2008-04-09 04:10 826368 ----a-w- c:\windows\system32\wininet.dll

.

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1F6C23D6-854C-497f-9275-439C89CF1F68}]

2007-10-23 23:47 282112 ----a-w- c:\windows\system32\mscoree.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MessengerPlus3"="c:\programfiler\MessengerPlus! 3\MsgPlus.exe" [2008-09-24 190024]

"msnmsgr"="c:\programfiler\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885400]

"swg"="c:\programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-18 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TPHOTKEY"="c:\programfiler\Lenovo\HOTKEY\TPOSDSVC.exe" [2008-01-24 66928]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-05 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-05 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-05 137752]

"Apoint"="c:\programfiler\Apoint2K\Apoint.exe" [2007-08-20 172032]

"PSQLLauncher"="c:\programfiler\ThinkVantage Fingerprint Software\launcher.exe" [2007-08-14 48904]

"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-02-02 122940]

"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2008-01-10 294912]

"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2008-01-10 208896]

"TPFNF7"="c:\programfiler\Lenovo\NPDIRECT\TPFNF7SP.exe" [2008-03-26 59680]

"QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2008-03-28 413696]

"LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2008-01-11 144728]

"LPMailChecker"="c:\progra~1\THINKV~2\PrdCtr\LPMLCHK.exe" [2008-01-11 124248]

"ccApp"="c:\programfiler\Fellesfiler\Symantec Shared\ccApp.exe" [2007-05-29 52840]

"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2007-10-07 125368]

"Acrobat Assistant 8.0"="c:\programfiler\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-10-14 623992]

"Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]

"TpShocks"="TpShocks.exe" - c:\windows\system32\TpShocks.exe [2007-11-22 181536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"TSClientMSIUninstaller"="c:\windows\Installer\TSClientMsiTrans\tscuinst.vbs" [2007-10-30 13801]

"TSClientAXDisabler"="c:\windows\Installer\TSClientMsiTrans\tscdsbl.bat" [2008-01-18 2247]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]

2007-08-14 13:54 89600 ----a-w- c:\windows\system32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]

2006-09-06 14:37 34344 ----a-w- c:\programfiler\Lenovo\HOTKEY\notifyf2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]

2007-12-14 14:36 28672 ----a-w- c:\programfiler\Lenovo\HOTKEY\tphklock.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Notification Packages REG_MULTI_SZ scecli psqlpwd

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\Machine\Scripts\Startup\0\0]

"Script"=pushprinterconnections.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\Machine\Scripts\Startup\1\0]

"Script"=Slett-Filer.cmd

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-489248529-1699838375-1845911597-313889\Scripts\Logon\0\0]

"Script"=Sym2Server.bat

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Programfiler\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

"53:TCP"= 53:TCP:websrvx

R0 Shockprf;Shockprf;c:\windows\system32\drivers\ApsX86.sys [16.10.2007 18:33 103472]

R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [16.10.2007 18:32 19504]

R1 TPPWRIF;TPPWRIF;c:\windows\system32\drivers\TPPWRIF.SYS [22.04.2008 13:26 4442]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [10.03.2009 21:00 55152]

R2 smihlp;SMI Helper Driver (smihlp);c:\programfiler\Fellesfiler\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [14.08.2007 15:46 10896]

R2 WinDefend;Windows Defender;c:\programfiler\Windows Defender\MsMpEng.exe [03.11.2006 19:19 13592]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programfiler\Fellesfiler\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [26.02.2009 13:04 101936]

R3 WSIMD;wsimd Service;c:\windows\system32\drivers\wsimd.sys [08.04.2008 18:57 57344]

S3 fsssvc;Windows Live Tryggere for familien;c:\programfiler\Windows Live\Family Safety\fsssvc.exe [06.02.2009 19:08 533360]

S3 SavRoam;SAVRoam;c:\programfiler\Symantec AntiVirus\SavRoam.exe [07.10.2007 20:48 116664]

--- Andre tjenester/drivere lastet i minnet ---

*Deregistered* - uphcleanhlp

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

2009-05-31 c:\windows\Tasks\MP Scheduled Scan.job

- c:\programfiler\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

2009-05-31 c:\windows\Tasks\PMTask.job

- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2008-04-22 23:30]

.

- - - - TOMME PEKERE FJERNET - - - -

HKCU-RunOnce-Shockwave Updater - c:\windows\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET

SafeBoot-procexp90.Sys

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://fuv.hfk.no

mStart Page = hxxp://www.yahoo.com

uInternet Settings,ProxyOverride = *.local

IE: Append to existing PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game02.zylom.com/activex/zylomgamesplayer.cab

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-06-01 00:12

Windows 5.1.2600 Service Pack 3 NTFS

skanner skjulte prosesser ...

skanner skjulte autostart-oppføringer ...

skanner skjulte filer ...

skanning vellykket

skjulte filer: 0

**************************************************************************

.

--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

- - - - - - - > 'winlogon.exe'(1172)

c:\windows\system32\vrlogon.dll

c:\windows\system32\psqlpwd.dll

c:\programfiler\ThinkVantage Fingerprint Software\homefus2.dll

c:\programfiler\ThinkVantage Fingerprint Software\infra.dll

c:\programfiler\ThinkVantage Fingerprint Software\homepass.dll

c:\programfiler\ThinkVantage Fingerprint Software\bio.dll

c:\programfiler\ThinkVantage Fingerprint Software\ps2css.dll

c:\programfiler\ThinkVantage Fingerprint Software\remote.dll

c:\programfiler\Lenovo\HOTKEY\tphklock.dll

c:\programfiler\ThinkVantage Fingerprint Software\pscssint.dll

c:\programfiler\ThinkVantage Fingerprint Software\crypto.dll

- - - - - - - > 'lsass.exe'(1232)

c:\windows\system32\psqlpwd.dll

c:\programfiler\ThinkVantage Fingerprint Software\homefus2.dll

c:\programfiler\ThinkVantage Fingerprint Software\infra.dll

.

Tidspunkt ferdig: 2009-05-31 0:14

ComboFix-quarantined-files.txt 2009-05-31 22:14

Pre-Run: 89 752 694 784 byte ledig

Post-Run: 91 679 211 520 byte ledig

WindowsXP-KB310994-SP2-Pro-BootDisk-NOR.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

195 --- E O F --- 2009-05-19 10:06

30. mai 2009

Ettersom barbermaskinen min begynte å bli dårlig bestemte jeg meg for å prøve tradisjonell barbering. Kjøpte derfor det velkjente startsettet fra barbershop med Proraso produkter og Derby extra blader.

Etter å ha studert alle filmene til youtube mannen Mantic59 var jeg klar for å prøve på meg selv. Det gikk egentlig greit over alt uten de store kuttene, utenom på haken. Jeg tenkte at siden haken er den eneste plassen jeg har helt tett og stivt skjegg så trengte jeg mer trening for å få det bra til her.

Nå har jeg "trent" nesten hver dag i to uker, men jeg sliter fremdeles med hakepartiet der jeg har veldig tett og stivt skjegg. Har prøvd i alle mulige retninger og vinkler, men høvelen henger uansett igjen, og når jeg fortsetter å dra river jeg meg, og den begynner å blø (Jeg her også selvfølgelig ikke noe press på høvelen)

Tanken har slått meg at bladene ikke er skarpe nok, virker som derby bladene ikke klarer å kutte skjegget. Så jeg lurer på om det har noe for seg å kjøpe feather blader da disse er skarpere? Eller er teknikken min rett og slett for dårlig?

En annen ting jeg mislikte med startsettet er at kosten av svinebust er alt or stiv og virker veldig "billig", vil dere erfarne barbererer anbefale å legge noen ekstra hundre lapper i en dyrerer kost av grevling?

Håper noen med litt erfaring har noen råd til en som er lei barbermaskinen og ikke har lyst tilbake til flerbladshøvel.

16. april 2009

Symptom: Sender ut pakker når den er koblet til internett.

MBAM

Klikk for å se/fjerne innholdet nedenfor

Malwarebytes' Anti-Malware 1.36

Databaseversjon: 1988

Windows 5.1.2600 Service Pack 3

16.04.2009 08:08:13

mbam-log-2009-04-16 (08-08-13).txt

Skanntype: Rask Skann

Objekter skannet: 69129

Tid tilbakelagt: 3 minute(s), 39 second(s)

Minneprosesser infisert: 0

Minnemoduler infisert: 0

Registernøkler infisert: 0

Registerverdier infisert: 0

Registerfiler infisert: 0

Mapper infisert: 0

Filer infisert: 0

Minneprosesser infisert:

(Ingen mistenkelige filer funnet)

Minnemoduler infisert:

(Ingen mistenkelige filer funnet)

Registernøkler infisert:

(Ingen mistenkelige filer funnet)

Registerverdier infisert:

(Ingen mistenkelige filer funnet)

Registerfiler infisert:

(Ingen mistenkelige filer funnet)

Mapper infisert:

(Ingen mistenkelige filer funnet)

Filer infisert:

(Ingen mistenkelige filer funnet)

HJT

Klikk for å se/fjerne innholdet nedenfor

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 08:18:08, on 16.04.2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Programfiler\Bonjour\mDNSResponder.exe

C:\Programfiler\NetLimiter 2 Pro\nlsvc.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Programfiler\Google\Update\GoogleUpdate.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe

C:\Programfiler\iTunes\iTunesHelper.exe

C:\Programfiler\DAEMON Tools Lite\daemon.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Programfiler\Realtek\8187SE Wireless LAN Utility\RtWLan.exe

C:\Programfiler\iPod\bin\iPodService.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Programfiler\Malwarebytes' Anti-Malware\mbam.exe

C:\Programfiler\Java\jre6\bin\jusched.exe

C:\Programfiler\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

C:\Programfiler\Adobe\Reader 8.0\Reader\AcroRd32Info.exe

C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msi.com.tw

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.msi.com.tw/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programfiler\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programfiler\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programfiler\FlashFXP\IEFlash.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [MGSysCtrl] C:\Programfiler\System Control Manager\MGSysCtrl.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programfiler\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [swg] C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: REALTEK RTL8187SE Wireless LAN Utility.lnk = C:\Programfiler\Realtek\8187SE Wireless LAN Utility\RtWLan.exe

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.msi.com.tw

O15 - Trusted Zone: http://asia.msi.com.tw

O15 - Trusted Zone: http://global.msi.com.tw

O15 - Trusted Zone: http://www.msi.com.tw

O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab

O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programfiler\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe

O23 - Service: Googles oppdateringstjeneste (gupdate1c9aa1df861930c) (gupdate1c9aa1df861930c) - Google Inc. - C:\Programfiler\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe

O23 - Service: Micro Star SCM - Unknown owner - C:\Programfiler\System Control Manager\MSIService.exe (file missing)

O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Programfiler\NetLimiter 2 Pro\nlsvc.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--

End of file - 7941 bytes

Combofix

Klikk for å se/fjerne innholdet nedenfor

ComboFix 09-04-16.02 - Jørgen 16.04.2009 8:13.2 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.2037.1537 [GMT 2:00]

Kjører fra: c:\documents and settings\Jørgen\Skrivebord\ComboFix.exe

* Opprettet nytt gjenopprettingspunkt

ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !!

.

((((((((((((((((((((((((((( Filer Opprettet Fra 2009-03-16 til 2009-04-16 )))))))))))))))))))))))))))))))))

.

2009-04-16 06:03 . 2009-04-16 06:03 -------- d-----w c:\windows\LastGood

2009-04-11 13:03 . 2009-04-11 13:03 -------- d-----w c:\documents and settings\Jørgen\Programdata\Locktime

2009-04-11 12:45 . 2009-04-11 12:45 -------- d-----w c:\documents and settings\All Users\Programdata\Locktime

2009-04-11 12:45 . 2009-04-11 12:45 -------- d-----w c:\programfiler\NetLimiter 2 Pro

2009-04-09 14:00 . 2009-04-09 14:00 -------- d-----w c:\programfiler\Advanced IP Scanner

2009-04-05 15:23 . 2009-04-05 15:23 -------- d-----w c:\programfiler\WinISD

2009-03-23 10:13 . 2009-03-23 10:13 -------- d-----w c:\documents and settings\NetworkService\Lokale innstillinger\Programdata\Google

2009-03-21 12:10 . 2009-03-21 12:10 -------- d-----w c:\documents and settings\LocalService\Lokale innstillinger\Programdata\Google

2009-03-21 12:09 . 2009-03-23 20:20 -------- d-----w c:\documents and settings\Jørgen\Lokale innstillinger\Programdata\Google

2009-03-21 12:09 . 2009-04-16 05:57 -------- d-----w c:\documents and settings\All Users\Programdata\Google Updater

2009-03-21 12:09 . 2009-03-21 12:11 -------- d-----w c:\programfiler\Google

2009-03-19 21:18 . 2009-03-19 21:18 -------- d-----w C:\_Diverse

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-04-16 06:05 . 2008-10-16 20:08 -------- d-----w c:\programfiler\Java

2009-04-16 06:03 . 2009-01-22 15:05 -------- d-----w c:\programfiler\Malwarebytes' Anti-Malware

2009-04-16 05:55 . 2008-06-12 15:55 72104 ----a-w c:\windows\system32\perfc014.dat

2009-04-16 05:55 . 2008-06-12 15:55 407662 ----a-w c:\windows\system32\perfh014.dat

2009-04-13 20:57 . 2008-10-16 20:11 -------- d-----w c:\documents and settings\Jørgen\Programdata\LimeWire

2009-04-11 16:27 . 2009-03-08 14:13 -------- d-----w c:\documents and settings\Jørgen\Programdata\Spotify

2009-04-09 14:25 . 2008-08-08 16:21 -------- d-----w c:\documents and settings\Jørgen\Programdata\uTorrent

2009-04-06 13:32 . 2009-01-22 15:05 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys

2009-04-06 13:32 . 2009-01-22 15:05 15504 ----a-w c:\windows\system32\drivers\mbam.sys

2009-03-13 09:35 . 2009-03-13 09:35 -------- d-----w c:\programfiler\Microsoft

2009-03-13 09:34 . 2009-03-13 09:34 -------- d-----w c:\programfiler\Windows Live SkyDrive

2009-03-13 09:34 . 2008-08-08 11:30 -------- d-----w c:\programfiler\Windows Live

2009-03-13 09:32 . 2009-03-13 09:32 -------- d-----w c:\programfiler\Fellesfiler\Windows Live

2009-03-11 23:21 . 2008-06-12 08:52 -------- d-----w c:\documents and settings\All Users\Programdata\Microsoft Help

2009-03-09 03:19 . 2008-12-06 12:18 410984 ----a-w c:\windows\system32\deploytk.dll

2009-03-08 14:13 . 2009-03-08 14:13 -------- d-----w c:\programfiler\Spotify

2009-02-25 17:39 . 2009-02-25 17:39 -------- d-----w c:\documents and settings\All Users\Programdata\Office Genuine Advantage

2009-02-20 20:41 . 2008-08-30 22:14 -------- d-----w c:\documents and settings\All Users\Programdata\TrackMania

2009-02-15 19:43 . 2009-02-15 19:43 -------- d-----w c:\programfiler\Lavalys

2009-02-15 18:28 . 2008-06-12 08:01 -------- d-----w c:\programfiler\System Control Manager

2009-02-15 18:19 . 2008-06-12 07:43 -------- d--h--w c:\programfiler\InstallShield Installation Information

2009-02-15 16:34 . 2008-09-30 16:04 -------- d-----w c:\programfiler\DB

2009-02-09 14:08 . 2008-06-12 15:55 1846784 ----a-w c:\windows\system32\win32k.sys

2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll

2009-01-07 20:13 . 2009-01-07 20:13 130 ----a-w c:\documents and settings\Jørgen\Lokale innstillinger\Programdata\fusioncache.dat

2008-10-23 13:40 . 2008-08-30 22:26 68456 ----a-w c:\documents and settings\Jørgen\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT

.

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-15 15360]

"DAEMON Tools Lite"="c:\programfiler\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]

"swg"="c:\programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-21 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-20 135168]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-20 159744]

"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-20 131072]

"SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2008-01-12 1028096]

"ITSecMng"="c:\programfiler\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]

"GrooveMonitor"="c:\programfiler\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]

"QuickTime Task"="c:\programfiler\QuickTime\QTTask.exe" [2008-09-06 413696]

"iTunesHelper"="c:\programfiler\iTunes\iTunesHelper.exe" [2008-10-01 289576]

"Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"MGSysCtrl"="c:\programfiler\System Control Manager\MGSysCtrl.exe" [2008-10-09 688128]

"SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2009-03-09 148888]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-05-08 16862208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\

Bluetooth Manager.lnk - c:\programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2008-2-22 2938184]

REALTEK RTL8187SE Wireless LAN Utility.lnk - c:\programfiler\Realtek\8187SE Wireless LAN Utility\RtWLan.exe [2008-9-5 880640]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"msacm.dvacm"= c:\progra~1\FELLES~1\ULEADS~1\vio\dvacm.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Programfiler\\uTorrent\\uTorrent.exe"=

"c:\\Programfiler\\Steam\\steamapps\\common\\trackmania nations forever\\TmForever.exe"=

"c:\\Programfiler\\Realtek\\8187SE Wireless LAN Utility\\RtWLan.exe"=

"c:\\Programfiler\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Programfiler\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Programfiler\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Documents and Settings\\Jørgen\\Skrivebord\\Diverse\\WD Discovery Software\\WD Discovery.exe"=

"c:\\Programfiler\\Bonjour\\mDNSResponder.exe"=

"c:\\Programfiler\\FlashFXP\\FlashFXP.exe"=

"c:\\Programfiler\\LimeWire\\LimeWire.exe"=

"c:\\Documents and Settings\\Jørgen\\Skrivebord\\Diverse\\TmNationsForever\\TmForever.exe"=

"c:\\Programfiler\\Spotify\\spotify.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"1542:TCP"= 1542:TCP:Realtek WPS TCP Prot

"1542:UDP"= 1542:UDP:Realtek WPS UDP Prot

R2 gupdate1c9aa1df861930c;Googles oppdateringstjeneste (gupdate1c9aa1df861930c);c:\programfiler\Google\Update\GoogleUpdate.exe [2009-03-21 133104]

R2 Micro Star SCM;Micro Star SCM; [x]

R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\programfiler\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2009-02-04 26224]

R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2008-11-18 7808]

R3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl.sys [2008-10-01 32000]

S1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-04-23 82200]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-04-06 38496]

S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTS5121.sys [2008-06-11 156160]

S3 rtl8187Se;Realtek RTL8187SE Wireless LAN PCIE Network Adapter;c:\windows\system32\DRIVERS\rtl8187Se.sys [2008-08-22 308608]

--- Andre tjenester/drivere lastet i minnet ---

*NewlyCreated* - JAVAQUICKSTARTERSERVICE

*NewlyCreated* - MBAMSWISSARMY

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8cd5d22e-7b50-11dd-914a-001d92c7a17a}]

\Shell\AutoRun\command - E:\SETUP.EXE

\Shell\configure\command - E:\SETUP.EXE

\Shell\install\command - E:\SETUP.EXE

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

2009-04-16 c:\windows\Tasks\Google Software Updater.job

- c:\programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-21 12:09]

2009-04-16 c:\windows\Tasks\GoogleUpdateTaskMachine.job

- c:\programfiler\Google\Update\GoogleUpdate.exe [2009-03-21 12:09]

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://www.msi.com.tw

uInternet Connection Wizard,ShellNext = hxxp://www.msi.com.tw/

uInternet Settings,ProxyOverride = *.local

IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

Trusted Zone: com.tw\asia.msi

Trusted Zone: com.tw\global.msi

Trusted Zone: com.tw\www.msi

DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab

FF - ProfilePath - c:\documents and settings\Jørgen\Programdata\Mozilla\Firefox\Profiles\r9v34ft9.default\

FF - plugin: c:\programfiler\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll

FF - plugin: c:\programfiler\Google\Update\1.2.141.5\npGoogleOneClick7.dll

FF - plugin: c:\programfiler\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\programfiler\Vizky\npVizky.dll

.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-04-16 08:16

Windows 5.1.2600 Service Pack 3 NTFS

skanner skjulte prosesser ...

skanner skjulte autostart-oppføringer ...

skanner skjulte filer ...

skanning vellykket

skjulte filer: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]

"ImagePath"="\??\c:\programfiler\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"

.

--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

- - - - - - - > 'explorer.exe'(3936)

c:\progra~1\WINDOW~2\wmpband.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Tidspunkt ferdig: 2009-04-16 8:17

ComboFix-quarantined-files.txt 2009-04-16 06:17

ComboFix2.txt 2009-04-09 14:31

Pre-Run: 34 081 214 464 byte ledig

Post-Run: 34 081 308 672 byte ledig

171 --- E O F --- 2009-03-15 22:52

27. mars 2009

Edit.. for sein..

15. mars 2009

Hei!

Jeg er en gutt på 17år som endelig har bestemt meg for å begynne med fast styrketrening igjen etter flere års pause fra aktiv idrett.

Jeg er en relativt tynn kar på 192cm og bare 67kg.. stort sett skinn og bein. Jeg har tidligere erfaring med utholdenhetsidrett så det har stort sett gått i kondisjonstrening når jeg var aktiv for noen år tilbake og lite styrke, men nå har jeg tenkt til å ta meg sammen for å bygge opp muskelmasse og øke kroppsvekten.

Jeg har ikke så veldig lyst til å gå rett på treningsstudio, ja, sier seg selv med så lite muskler som jeg har på kroppen. Det jeg har av utstyr er manualer opp til 2x10kg, dette må da være mulig å bruke i starten?

Når det kommer til kosthold vil jeg si jeg spiser normalt og sunt, men jeg kan egentlig spise akkurat det jeg vil uten å legge på meg...

Så det jeg egentlig trenger hjelp til er å få laget et treningsprogram som får opp kroppsvekten og bygger muskelmasse, i starten ved hjelp av de manualene jeg har. Er dette mulig?

Håper på hjelp

14. mars 2009

Dette må drikkes bort...

1. mars 2009

Har kjørt CCleaner nå. Var vel rundt 600 feil i registeret som ble fikset, men maskinen kjører fremdeles seint.

Er loggene rene?

1. mars 2009

Ja, nok en maskin som jeg tror er full av malware. Ikke noen andre symptomer enn at den jobber forferdelig sent. Dette skal vistnok har skjedd "plutselig". Har blant annet brukt fire timer på å få til å lage loggene.

MBAM

Klikk for å se/fjerne innholdet nedenfor

Malwarebytes' Anti-Malware 1.34

Databaseversjon: 1813

Windows 5.1.2600 Service Pack 3

01.03.2009 15:44:57

mbam-log-2009-03-01 (15-44-57).txt

Skanntype: Rask Skann

Objekter skannet: 119052

Tid tilbakelagt: 1 hour(s), 13 minute(s), 48 second(s)

Minneprosesser infisert: 0

Minnemoduler infisert: 0

Registernøkler infisert: 107

Registerverdier infisert: 7

Registerfiler infisert: 0

Mapper infisert: 103

Filer infisert: 266

Minneprosesser infisert:

(Ingen mistenkelige filer funnet)

Minnemoduler infisert:

(Ingen mistenkelige filer funnet)

Registernøkler infisert:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{2d51d869-c36b-42bd-ae68-0a81bc771fa5} (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7bed0340-176b-44bc-915e-c21c1dd6f617} (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{07b18ea3-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\starware (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{2d51d869-c36b-42bd-ae68-0a81bc771fa5} (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7bed0340-176b-44bc-915e-c21c1dd6f617} (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{ca356d79-679b-4b4c-8e49-5af97014f4c1} (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ca356d79-679b-4b4c-8e49-5af97014f4c1} (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ca356d79-679b-4b4c-8e49-5af97014f4c1} (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{d49e9d35-254c-4c6a-9d17-95018d228ff5} (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d49e9d35-254c-4c6a-9d17-95018d228ff5} (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\starware (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registerverdier infisert:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{d49e9d35-254c-4c6a-9d17-95018d228ff5} (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\searchassistant (Adware.Starware) -> Quarantined and deleted successfully.

Registerfiler infisert:

(Ingen mistenkelige filer funnet)

Mapper infisert:

C:\Documents and Settings\Veronica\Programdata\Starware\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Reference (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Manager (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\Starware (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Delete on reboot.

C:\Documents and Settings\Veronica\Programdata\Starware\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\PopSwatr\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Maps (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\images (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Games (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Weather (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar (Adware.MyWebSearch) -> Delete on reboot.

C:\Documents and Settings\Veronica\Programdata\Starware\SearchMatch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Games (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Movies (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Reference (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Games (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Layouts (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\PopSwatr (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Weather (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\SearchAssistPlus (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Maps (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\SearchMatch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Manager (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\SearchMatch\searchMatchPages (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Maps (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Movies (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\Starware\icons (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Movies (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Layouts (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Reference (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\MSNBackgrounds (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Configurator (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\SearchAssistPlus (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\SearchAssistPlus (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\contexts (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Configurator (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Maps (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Layouts (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Movies (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\SearchMatch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Reference (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Weather (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Manager (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Games (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.

C:\Documents and Settings\Josefin\Programdata\Starware\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\SearchAssistPlus (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\Starware\bin (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Configurator (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\SearchMatch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\SearchMatch\searchMatchPages (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Layouts (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Configurator (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Manager (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Weather (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.

Filer infisert:

C:\Documents and Settings\Kristoffer\Programdata\Starware\Games\GamesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Layouts\PreferencesLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Layouts\PreferencesLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Maps\MapsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Maps\MapsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache006B2D8 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Movies\MoviesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Movies\MoviesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache00CC46E.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache0165902 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache018F96E.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache0227EBF.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\SearchAssistPlus\SearchAssistPlusOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\SearchAssistPlus\SearchAssistPlusOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache0A4A23D.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\SearchMatch\SearchMatchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\SearchMatch\SearchMatchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache18D7A26 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\History\search (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\MSNBackgrounds0792F21.jpeg (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Weather\WeatherOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Weather\WeatherOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Configurator\ConfiguratorOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Configurator\ConfiguratorOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Games\GamesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Games\GamesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\Shared\Cache\MailStampBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Layouts\PreferencesLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Layouts\PreferencesLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\Shared\Cache\MySignaturePreviewBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\WINDOWS\SYSTEM32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Maps\MapsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Maps\MapsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Movies\MoviesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Movies\MoviesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\Starware\bin\Starware.dll (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\SearchAssistPlus\SearchAssistPlusOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\SearchAssistPlus\SearchAssistPlusOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\SearchMatch\SearchMatchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\SearchMatch\SearchMatchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache006C13F (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache00CCA79.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Maps\MapsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Weather\AlertArchive.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Weather\WeatherOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\Weather\WeatherOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Weather\WeatherOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\maps.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\setup_en[1].exe (Rogue.Installer) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Movies\MoviesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\MSNBackgrounds074B707.jpeg (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Delete on reboot.

C:\Programfiler\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.

C:\Documents and Settings\Alicia\Programdata\Starware\Games\GamesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache003E8FA (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache0040319 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Weather\WeatherOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache006D275 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\U0017DFF0.exe (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Configurator\ConfiguratorOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache00CCC2F.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\FindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache018F1DD.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache018F7B9.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\Highlight.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache0227AC8.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache0227CBC.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\highlightxp.png (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache0351DF6 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache05CC6CB (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache0CE8E99 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Cache18D7515 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\ReferenceHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\referencehotxp.png (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\referencexp.png (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Maps\MapsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\weatherhotxp.png (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\SearchMatch\SearchMatchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\contexts\Related.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\images\walert.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Settings\prevcfg.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\MyWebSearch\bar\Settings\settings.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Games\GamesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\SearchAssistPlus\SearchAssistPlusOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Layouts\PreferencesLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\PopSwatr\History\allowed (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\PopSwatr\History\notallow (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\ScreenSaver\Images1310832.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\Shared\Cache\MySignatureInsertBtn-new.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\Shared\Cache\MySignatureInsertBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\Shared\Cache\MySignaturePreviewBtn-new.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Layouts\PreferencesLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\FunWebProducts\Shared\Cache\MyStationeryBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Weather\WeatherOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\Starware\brand.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\Starware\StarwareConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\Starware\StarwareUninstall.exe (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Maps\MapsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\SearchAssistPlus\SearchAssistPlusOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\SearchAssistPlus\SearchAssistPlusOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Programfiler\Starware\icons\star_16.ico (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\weatherxp.png (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\SearchMatch\SearchMatchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\contexts\Travel.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Configurator\ConfiguratorOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Configurator\ConfiguratorOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\images\walertXP.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Weather\AlertArchive.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Movies\MoviesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\SearchAssistPlus\SearchAssistPlusOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Layouts\PreferencesLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Weather\AlertArchive.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Weather\WeatherOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Configurator\ConfiguratorOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Veronica\Programdata\Starware\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Maps\MapsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\Weather.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Movies\MoviesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Movies\MoviesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\logo.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\logoxp.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Tem835.tmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\TemBAA.tmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Configurator\ConfiguratorOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Configurator\ConfiguratorOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Alicia\Programdata\Starware\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\HighlightHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\SearchMatch\SearchMatchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Games\GamesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\SearchMatch\SearchMatchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Weather\AlertArchive.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\Reference.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\maps_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Programdata\Starware\buttons\highlighthotxp.png (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Layouts\PreferencesLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Kristoffer\Programdata\Starware\Games\GamesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Documents and Settings\Josefin\Programdata\Starware\Games\GamesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

HJT]

Klikk for å se/fjerne innholdet nedenfor

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:03:14, on 01.03.2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE

C:\Programfiler\D-Link\Bluetooth-programvare\bin\btwdins.exe

C:\Programfiler\F-Secure\Anti-Virus\fsgk32st.exe

C:\Programfiler\F-Secure\Anti-Virus\FSGK32.EXE

C:\Programfiler\Java\jre6\bin\jqs.exe

C:\Programfiler\F-Secure\Anti-Virus\fssm32.exe

C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe

C:\Programfiler\Eicon\Diva\DiTask.exe

C:\Programfiler\Eicon\Diva\Divamon.exe

C:\Programfiler\Eicon\Diva\watch.exe

C:\Programfiler\F-Secure\Common\FSMA32.EXE

C:\Programfiler\Eicon\Diva\cgserver.exe

C:\WINDOWS\System32\DSentry.exe

C:\Programfiler\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\Programfiler\Eicon\Diva\diinfo.exe

C:\Programfiler\F-Secure\Common\FSMB32.EXE

C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE

C:\Programfiler\F-Secure\Common\FCH32.EXE

C:\Programfiler\F-Secure\Common\FSM32.EXE

C:\Programfiler\QuickTime\qttask.exe

C:\Programfiler\F-Secure\Common\FAMEH32.EXE

C:\WINDOWS\System32\LVCOMSX.EXE

C:\Programfiler\Logitech\Video\LogiTray.exe

C:\Programfiler\NETGEAR\WG311TSU\Utility\Gear311T.exe

C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe

C:\Programfiler\iTunes\iTunesHelper.exe

C:\Programfiler\Java\jre6\bin\jusched.exe

C:\WINDOWS\SYSTEM32\tbctray.exe

C:\PROGRA~1\SYSTEM~1\soap.exe

C:\Programfiler\Messenger\msmsgs.exe

C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programfiler\Logitech\VideoCall\VideoCall.exe

C:\Programfiler\Skype\Phone\Skype.exe

C:\Garmin\gStart.exe

C:\Programfiler\F-Secure\Common\FNRB32.EXE

C:\Programfiler\F-Secure\Common\FIH32.EXE

C:\Programfiler\F-Secure\Anti-Virus\fsav32.exe

C:\Programfiler\D-Link\Bluetooth-programvare\BTTray.exe

C:\Programfiler\iPod\bin\iPodService.exe

C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe

C:\Programfiler\CASIO\Photo Loader\Plauto.exe

C:\Programfiler\Logitech\Video\FxSvr2.exe

C:\Programfiler\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/no/nor/gen/default.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/def.../search/ie.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programfiler\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar2.dll

O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [DiTask.exe] "C:\Programfiler\Eicon\Diva\DiTask.exe"

O4 - HKLM\..\Run: [Divamon.exe] "C:\Programfiler\Eicon\Diva\Divamon.exe"

O4 - HKLM\..\Run: [Eicon TechnologyLAN_DAEMON] "C:\Programfiler\Eicon\Diva\watch.exe"

O4 - HKLM\..\Run: [CGServer] "C:\Programfiler\Eicon\Diva\cgserver.exe"

O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Programfiler\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programfiler\Logitech\iTouch\iTouch.exe

O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programfiler\F-Secure\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iCQ Net] C:\WINDOWS\winlogon.exe -stealth

O4 - HKLM\..\Run: [avserve2.exe] C:\WINDOWS\avserve2.exe

O4 - HKLM\..\Run: [skynetave.exe] C:\WINDOWS\skynetave.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programfiler\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programfiler\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [AS00_Gear311T] C:\Programfiler\NETGEAR\WG311TSU\Utility\Gear311T.exe -hide

O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\SYSTEM32\tbctray.exe

O4 - HKCU\..\Run: [system Soap Pro] C:\PROGRA~1\SYSTEM~1\soap.exe min

O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [LDM] C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programfiler\Logitech\Video\ManifestEngine.exe boot

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [VideoCall] "C:\Programfiler\Logitech\VideoCall\VideoCall.exe" -minimized

O4 - HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Programfiler\MyWebSearch\bar\1.bin\MWSOEMON.EXE

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Programfiler\MyWebSearch\bar\1.bin\MWSOEMON.EXE

O4 - Global Startup: Photo Loader supervisory.lnk = C:\Programfiler\CASIO\Photo Loader\Plauto.exe

O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html...NO_ZCxdm482YYNO

O8 - Extra context menu item: &Windows Live Search - res://C:\Programfiler\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Send til &Bluetooth - C:\Programfiler\D-Link\Bluetooth-programvare\btsendto_ie_ctx.htm

O8 - Extra context menu item: Åpne i ny bakgrunnsflik - res://C:\Programfiler\Windows Live Toolbar\Components\nb-no\msntabres.dll.mui/229?41e6c77fb0d04f58bd68b43c9ffa2891

O8 - Extra context menu item: Åpne i ny forgrunnsflik - res://C:\Programfiler\Windows Live Toolbar\Components\nb-no\msntabres.dll.mui/230?41e6c77fb0d04f58bd68b43c9ffa2891

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programfiler\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programfiler\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\D-Link\Bluetooth-programvare\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\D-Link\Bluetooth-programvare\btsendto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Programfiler\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab

O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.tvlution.com/KooPlayer.ocx

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1098552997250

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - https://www.stopzilla.com/_download/Auto_In...ller/dwnldr.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programfiler\D-Link\Bluetooth-programvare\bin\btwdins.exe

O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Programfiler\F-Secure\BackWeb\7681197\Program\fsbwlan.exe

O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Programfiler\F-Secure\Anti-Virus\fsgk32st.exe

O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Programfiler\F-Secure\Common\FNRB32.EXE

O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Programfiler\F-Secure\Common\FSMA32.EXE

O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--

End of file - 14902 bytes

Combofix

Klikk for å se/fjerne innholdet nedenfor

ComboFix 09-02-28.01 - Kristoffer 2009-03-01 17:00:40.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.47.1044.18.511.193 [GMT 1:00]

Kjører fra: c:\documents and settings\Kristoffer\Skrivebord\ComboFix.exe

* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

.

---- Forrige skanning -------

.

c:\windows\IE4 Error Log.txt

.

((((((((((((((((((((((((((( Filer Opprettet Fra 2009-02-01 til 2009-03-01 )))))))))))))))))))))))))))))))))

.

2009-03-01 16:02 . 2009-03-01 16:02 <DIR> d-------- c:\programfiler\Trend Micro

2009-03-01 12:58 . 2008-04-13 19:45 10,368 --a------ c:\windows\SYSTEM32\DRIVERS\hidusb.sys

2009-03-01 12:58 . 2008-04-13 19:45 10,368 --a------ c:\windows\SYSTEM32\DLLCACHE\hidusb.sys

2009-02-28 18:54 . 2009-02-28 18:54 <DIR> d-------- c:\documents and settings\Kristoffer\Programdata\Malwarebytes

2009-02-28 18:53 . 2009-02-28 18:55 <DIR> d-------- c:\programfiler\Malwarebytes' Anti-Malware

2009-02-28 18:53 . 2009-02-28 18:53 <DIR> d-------- c:\documents and settings\All Users\Programdata\Malwarebytes

2009-02-28 18:53 . 2009-02-11 10:19 38,496 --a------ c:\windows\SYSTEM32\DRIVERS\mbamswissarmy.sys

2009-02-28 18:53 . 2009-02-11 10:19 15,504 --a------ c:\windows\SYSTEM32\DRIVERS\mbam.sys

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-03-01 16:11 --------- d-----w c:\documents and settings\Kristoffer\Programdata\Skype

2009-01-17 14:03 --------- d-----w c:\programfiler\Google

2009-01-16 20:31 3,594,752 ------w c:\windows\SYSTEM32\DLLCACHE\mshtml.dll

2009-01-16 09:06 410,984 ----a-w c:\windows\SYSTEM32\deploytk.dll

2009-01-16 09:05 --------- d-----w c:\programfiler\Java

2008-12-19 09:13 70,656 ------w c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe

2008-12-19 09:10 13,824 ------w c:\windows\SYSTEM32\DLLCACHE\ieudinit.exe

2008-12-19 05:25 634,024 ------w c:\windows\SYSTEM32\DLLCACHE\iexplore.exe

2008-12-19 05:23 161,792 ------w c:\windows\SYSTEM32\DLLCACHE\ieakui.dll

2008-12-11 10:57 333,952 ------w c:\windows\SYSTEM32\DLLCACHE\srv.sys

2006-07-11 18:33 45,416 -c--a-w c:\documents and settings\Kristoffer\Programdata\GDIPFONTCACHEV1.DAT

2006-06-01 05:36 45,416 -c--a-w c:\documents and settings\Alicia\Programdata\GDIPFONTCACHEV1.DAT

1998-10-14 09:19 10,000 -c--a-w c:\windows\INF\unregpn.exe

2008-11-21 17:59 32,768 --sha-w c:\windows\SYSTEM32\CONFIG\systemprofile\Lokale innstillinger\Logg\History.IE5\MSHist012008112120081122\index.dat

.

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"System Soap Pro"="c:\progra~1\SYSTEM~1\soap.exe" [2003-08-21 777728]

"MSMSGS"="c:\programfiler\Messenger\msmsgs.exe" [2008-04-14 1695232]

"LDM"="c:\programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-02-16 67128]

"LogitechSoftwareUpdate"="c:\programfiler\Logitech\Video\ManifestEngine.exe" [2004-10-08 196608]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"VideoCall"="c:\programfiler\Logitech\VideoCall\VideoCall.exe" [2004-11-12 65602]

"Skype"="c:\programfiler\Skype\Phone\Skype.exe" [2006-07-21 20036648]

"gStart"="c:\garmin\gStart.exe" [2005-01-20 1896448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ATIPTA"="c:\programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2002-08-14 290816]

"DiTask.exe"="c:\programfiler\Eicon\Diva\DiTask.exe" [2002-04-10 143360]

"Divamon.exe"="c:\programfiler\Eicon\Diva\Divamon.exe" [2002-04-10 32768]

"Eicon TechnologyLAN_DAEMON"="c:\programfiler\Eicon\Diva\watch.exe" [2002-04-10 192512]

"CGServer"="c:\programfiler\Eicon\Diva\cgserver.exe" [2002-04-10 40960]

"DVDSentry"="c:\windows\System32\DSentry.exe" [2002-08-14 28672]

"AdaptecDirectCD"="c:\programfiler\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-04-10 679936]

"zBrowser Launcher"="c:\programfiler\Logitech\iTouch\iTouch.exe" [2002-07-22 577602]

"EM_EXEC"="c:\progra~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-07-09 28672]

"F-Secure Manager"="c:\programfiler\F-Secure\Common\FSM32.EXE" [2002-06-06 106571]

"QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2007-02-16 282624]

"LVCOMSX"="c:\windows\System32\LVCOMSX.EXE" [2004-10-08 221184]

"LogitechVideoRepair"="c:\programfiler\Logitech\Video\ISStart.exe" [2004-10-08 458752]

"LogitechVideoTray"="c:\programfiler\Logitech\Video\LogiTray.exe" [2004-10-08 217088]

"AS00_Gear311T"="c:\programfiler\NETGEAR\WG311TSU\Utility\Gear311T.exe" [2004-05-12 458752]

"HP Software Update"="c:\programfiler\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]

"iTunesHelper"="c:\programfiler\iTunes\iTunesHelper.exe" [2007-03-02 257088]

"SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2009-01-16 136600]

"TraySantaCruz"="c:\windows\SYSTEM32\tbctray.exe" [2002-04-03 290816]

"ATIModeChange"="Ati2mdxx.exe" [2002-08-19 c:\windows\SYSTEM32\Ati2mdxx.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\

BTTray.lnk - c:\programfiler\D-Link\Bluetooth-programvare\BTTray.exe [2005-07-26 577597]

HP Digital Imaging Monitor.lnk - c:\programfiler\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 282624]

Logitech Desktop Messenger.lnk - c:\programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-02-16 67128]

Microsoft Office.lnk - c:\programfiler\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.VDOM"= vdowave.drv

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Programfiler\\Eicon\\Diva\\watch.exe"=

"c:\\Programfiler\\Logitech\\VideoCall\\VideoCall.exe"=

"c:\\Programfiler\\Messenger\\msmsgs.exe"=

"c:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\WINDOWS\\SYSTEM32\\LEXPPS.EXE"=

"c:\\Programfiler\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

"c:\\Programfiler\\iTunes\\iTunes.exe"=

"c:\\StubInstaller.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Programfiler\\Skype\\Phone\\Skype.exe"=

R0 DiMaint;Eicon Maintenance Driver;c:\windows\SYSTEM32\DRIVERS\DISDN\dimaint.sys [1980-01-01 91408]

R2 BackWeb Client - 7681197;F-Secure BackWeb;c:\progra~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE [2003-05-18 16384]

R2 DiCapi;Eicon CAPI 2.0 Driver;c:\windows\SYSTEM32\DRIVERS\DISDN\capi202k.sys [1980-01-01 181168]

R2 DiPort;Eicon Port Driver;c:\windows\SYSTEM32\DRIVERS\DISDN\diport40.sys [1980-01-01 206976]

R2 F-Secure Filter;F-Secure File System Filter;c:\programfiler\F-Secure\Anti-Virus\win2k\FSfilter.sys [2003-05-18 47280]

R2 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\programfiler\F-Secure\Anti-Virus\win2k\fsgk.sys [2003-05-18 35152]

R2 F-Secure Recognizer;F-Secure File System Recognizer;c:\programfiler\F-Secure\Anti-Virus\win2k\FSrec.sys [2003-05-18 15984]

R2 FSpm;F-Secure Policy Manager;c:\programfiler\F-Secure\Common\FSpm.sys [2003-05-18 65328]

R3 AWINDIS5;AWINDIS5 Protocol Driver;c:\windows\SYSTEM32\AWINDIS5.SYS [2005-06-23 16194]

R3 DiWan;Eicon Driver for all Diva Client cards;c:\windows\SYSTEM32\DRIVERS\DISDN\Diwan.sys [1980-01-01 911920]

R3 NETGEAR_WG311T_SERVICE;NETGEAR WG311T Wireless Adapter Service;c:\windows\SYSTEM32\DRIVERS\wg311tn5.sys [2005-06-23 346784]

R3 tbcspud;Santa Cruz Driver;c:\windows\SYSTEM32\DRIVERS\tbcspud.sys [1980-01-01 144768]

R3 tbcwdm;Santa Cruz WDM Driver;c:\windows\SYSTEM32\DRIVERS\tbcwdm.sys [1980-01-01 545088]

S3 LCcfltr;Logitech USB Filter Driver;c:\windows\SYSTEM32\DRIVERS\LCCFLTR.SYS [2003-02-26 13724]

S3 vtdg46xx;vtdg46xx;c:\progra~1\TURTLE~1\SANTAC~1\CONTRO~1\vtdg46xx.sys [2003-02-06 19232]

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

2007-10-01 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2007-01-10 15:42]

2009-03-01 c:\windows\Tasks\Se etter oppdateringer for Windows Live Toolbar.job

- c:\programfiler\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]

.

- - - - TOMME PEKERE FJERNET - - - -

HKLM-Run-ICQ Net - c:\windows\winlogon.exe

HKLM-Run-avserve2.exe - c:\windows\avserve2.exe

HKLM-Run-skynetave.exe - c:\windows\skynetave.exe

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://www.yahoo.com

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

mStart Page = hxxp://www.yahoo.com

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = localhost

uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com

IE: &Search - http://bar.mywebsearch.com/menusearch.html...NO_ZCxdm482YYNO

IE: &Windows Live Search - c:\programfiler\Windows Live Toolbar\msntb.dll/search.htm

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000

IE: Send til &Bluetooth - c:\programfiler\D-Link\Bluetooth-programvare\btsendto_ie_ctx.htm

IE: Åpne i ny bakgrunnsflik - c:\programfiler\Windows Live Toolbar\Components\nb-no\msntabres.dll.mui/229?41e6c77fb0d04f58bd68b43c9ffa2891

IE: Åpne i ny forgrunnsflik - c:\programfiler\Windows Live Toolbar\Components\nb-no\msntabres.dll.mui/230?41e6c77fb0d04f58bd68b43c9ffa2891

Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} - hxxp://www.tvlution.com/KooPlayer.ocx

DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} - hxxps://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-03-01 17:11:02

Windows 5.1.2600 Service Pack 3 NTFS

skanner skjulte prosesser ...

skanner skjulte autostart-oppføringer ...

skanner skjulte filer ...

**************************************************************************

.

Tidspunkt ferdig: 2009-03-01 17:17:09

ComboFix-quarantined-files.txt 2009-03-01 16:15:21

Pre-Run: 65,990,983,680 byte ledig

Post-Run: 65,974,534,144 byte ledig

174 --- E O F --- 2009-03-01 12:31:04

Håper noen tar seg tid til å se på de

15. februar 2009

Har nettopp ekprimentert litt med klokking av min U100. Har egentlig bare satt den opp til 24% boost i bios for å se om det ble noen merkbar ytelse i TMNF, noe det selvfølgelig gjorde . Så sjekket jeg temperaturer i Everest og lurer på om noen vet hva som er akseptabelt der?

Jeg har 82 grader på CPU diode og 64 på CPU under load.

12. februar 2009

Hmm, javel..

Takk for hjelp

12. februar 2009

Symptomer: Maskinen går tregt.

MBAM

Klikk for å se/fjerne innholdet nedenfor

Malwarebytes' Anti-Malware 1.34

Databaseversjon: 1753

Windows 6.0.6001 Service Pack 1

12.02.2009 10:15:18

mbam-log-2009-02-12 (10-15-18).txt

Skanntype: Rask Skann

Objekter skannet: 62062

Tid tilbakelagt: 15 minute(s), 8 second(s)

Minneprosesser infisert: 0

Minnemoduler infisert: 0

Registernøkler infisert: 0

Registerverdier infisert: 0

Registerfiler infisert: 0

Mapper infisert: 0

Filer infisert: 0

Minneprosesser infisert:

(Ingen mistenkelige filer funnet)

Minnemoduler infisert:

(Ingen mistenkelige filer funnet)

Registernøkler infisert:

(Ingen mistenkelige filer funnet)

Registerverdier infisert:

(Ingen mistenkelige filer funnet)

Registerfiler infisert:

(Ingen mistenkelige filer funnet)

Mapper infisert:

(Ingen mistenkelige filer funnet)

Filer infisert:

(Ingen mistenkelige filer funnet)

Combofix

Klikk for å se/fjerne innholdet nedenfor

ComboFix 09-02-11.02 - Hans Martin 2009-02-12 10:46:10.1 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1044.18.3037.1965 [GMT 1:00]

Kjører fra: c:\users\Hans Martin\Downloads\ComboFix.exe

* Opprettet nytt gjenopprettingspunkt

* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\Hans Martin\AppData\Roaming\.#

.

((((((((((((((((((((((((((( Filer Opprettet Fra 2009-01-12 til 2009-02-12 )))))))))))))))))))))))))))))))))

.

2009-02-12 09:38 . 2009-02-12 09:38 <DIR> d-------- c:\users\Hans Martin\AppData\Roaming\Malwarebytes

2009-02-12 09:38 . 2009-02-12 09:38 <DIR> d-------- c:\users\All Users\Malwarebytes

2009-02-12 09:38 . 2009-02-12 09:38 <DIR> d-------- c:\programdata\Malwarebytes

2009-02-12 09:38 . 2009-02-12 09:38 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2009-02-12 09:38 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys

2009-02-12 09:38 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys

2009-02-12 00:40 . 2009-02-12 00:40 <DIR> d-------- c:\users\Hans Martin\AppData\Roaming\Template

2009-02-12 00:39 . 2009-02-12 00:39 0 --a------ c:\users\Hans Martin\AppData\Roaming\wklnhst.dat

2009-02-11 20:48 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb

2009-02-11 20:48 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll

2009-02-09 20:23 . 2009-02-09 20:23 <DIR> d-------- c:\users\Hans Martin\AppData\Roaming\Uniblue

2009-02-09 20:23 . 2009-02-09 20:43 <DIR> d-------- c:\users\All Users\DriverScanner

2009-02-09 20:23 . 2009-02-09 20:43 <DIR> d-------- c:\programdata\DriverScanner

2009-02-09 20:23 . 2009-02-09 20:23 <DIR> d-------- c:\program files\Uniblue

2009-02-09 20:21 . 2009-02-09 20:23 <DIR> d--h-c--- c:\users\All Users\{148D8B8A-8F96-4822-81EC-D510B626B7D5}

2009-02-09 20:21 . 2009-02-09 20:23 <DIR> d--h-c--- c:\programdata\{148D8B8A-8F96-4822-81EC-D510B626B7D5}

2009-01-22 18:02 . 2009-01-22 18:02 <DIR> d-------- c:\windows\Sun

2009-01-22 13:05 . 2009-01-22 13:06 214,821,071 --a------ c:\windows\MEMORY.DMP

2009-01-15 18:31 . 2009-01-22 12:21 <DIR> d-------- c:\users\Hans Martin\AppData\Roaming\LimeWire

2009-01-15 18:30 . 2009-01-15 18:30 <DIR> d-------- c:\program files\Java

2009-01-15 18:30 . 2009-01-15 18:30 410,984 --a------ c:\windows\System32\deploytk.dll

2009-01-15 18:27 . 2009-01-15 18:27 <DIR> d-------- c:\program files\LimeWire

2009-01-14 23:59 . 2008-12-16 03:42 288,768 --a------ c:\windows\System32\drivers\srv.sys

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-02-12 06:48 --------- d-----w c:\program files\Windows Mail

2009-02-05 11:32 --------- d-----w c:\program files\McAfee

2009-01-23 07:52 --------- d-----w c:\programdata\TrackMania

2009-01-17 02:22 --------- d-----w c:\program files\Google

2009-01-11 14:10 --------- d-----w c:\program files\SiteAdvisor

2009-01-01 14:13 --------- d-----w c:\program files\Steam

2008-12-31 18:22 --------- d-----w c:\users\Hans Martin\AppData\Roaming\CyberLink

2008-12-31 18:22 --------- d-----w c:\programdata\CyberLink

2008-12-31 14:22 --------- d-----w c:\users\Hans Martin\AppData\Roaming\vlc

2008-12-30 22:39 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2008-12-30 22:09 --------- d-----w c:\programdata\Microsoft Help

2008-12-30 21:53 --------- d-----w c:\program files\MSXML 4.0

2008-12-30 21:53 --------- d-----w c:\program files\Microsoft Works

2008-12-30 21:25 --------- d-----w c:\programdata\SiteAdvisor

2008-12-30 21:25 --------- d-----w c:\programdata\McAfee

2008-12-30 18:58 --------- d-----w c:\program files\Common Files\Steam

2008-12-30 18:38 --------- d-----w c:\program files\VideoLAN

2008-12-30 18:34 --------- d-----w c:\users\Hans Martin\AppData\Roaming\Apple Computer

2008-12-30 18:33 --------- d-----w c:\programdata\Apple Computer

2008-12-30 18:33 --------- d-----w c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

2008-12-30 18:33 --------- d-----w c:\program files\iTunes

2008-12-30 18:33 --------- d-----w c:\program files\iPod

2008-12-30 18:33 --------- d-----w c:\program files\Common Files\Apple

2008-12-30 18:32 --------- d-----w c:\program files\QuickTime

2008-12-30 18:32 --------- d-----w c:\program files\Bonjour

2008-12-30 18:20 --------- d-----w c:\program files\Apple Software Update

2008-12-30 18:19 --------- d-----w c:\programdata\Apple

2008-12-30 16:14 --------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller

2008-12-30 16:14 --------- d-----w c:\program files\Windows Live

2008-12-30 16:11 --------- d-----w c:\programdata\WLInstaller

2008-12-30 15:04 --------- d--h--w c:\program files\InstallShield Installation Information

2008-12-30 15:04 --------- d-----w c:\programdata\Temp

2008-12-30 15:03 --------- d-----w c:\program files\Acer GameZone

2008-12-30 15:02 --------- d-----w c:\users\Hans Martin\AppData\Roaming\ATI

2008-12-30 15:02 --------- d-----w c:\programdata\ATI

2008-12-30 01:38 --------- d-----w c:\program files\AMD

2008-12-29 21:20 --------- d-----w c:\program files\Acer Incorporated

2008-12-29 21:19 --------- d-----w c:\program files\Acer Arcade Deluxe

2008-12-29 20:46 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf

2008-12-29 20:46 --------- d-----w c:\program files\Acer Inc

2008-12-29 20:45 --------- d-----w c:\program files\Apoint2K

2008-12-29 20:40 --------- d-----w c:\program files\Launch Manager

2008-12-29 20:37 --------- d-----w c:\program files\ATI Technologies

2008-12-29 20:18 --------- d-----w c:\program files\ATI

2008-12-29 19:54 --------- d-----w c:\program files\Acer

2008-12-29 19:51 --------- d-sh--w c:\programdata\Start-meny

2008-12-29 19:51 --------- d-sh--w c:\programdata\Skrivebord

2008-12-29 19:51 --------- d-sh--w c:\programdata\Programdata

2008-12-29 19:51 --------- d-sh--w c:\programdata\Maler

2008-12-29 19:51 --------- d-sh--w c:\programdata\Favoritter

2008-12-29 19:51 --------- d-sh--w c:\programdata\Dokumenter

2008-12-29 19:51 --------- d-sh--w c:\program files\Fellesfiler

2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini

.

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2008-03-04 22:38 121392 --a------ c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]

"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]

"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-05-09 397312]

"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 40048]

"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]

"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]

"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-12-29 24064]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]

"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-05-27 850440]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-21 159744]

"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-05-30 544768]

"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-12 147456]

"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936]

"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-05-12 167936]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-15 136600]

"RtHDVCpl"="RtHDVCpl.exe" [2008-04-28 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

SetupExecute REG_MULTI_SZ \0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2008-11-04 10:30 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{88BF001A-9987-4DD2-9B09-0D1250DCB920}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent

"{211A2D2F-B9CE-4DA3-BEE1-44529DE3BAA0}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{4CEEF326-38AE-436A-AD07-37F30156BDE2}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{B9E66FE4-6D43-43F7-9A2D-DE44F7B2F57F}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector

"{0CF90B2C-0E12-4B0C-A7FC-035E5E4B4B24}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe

"{54A8E449-C730-4705-922D-01AF15F3DEAF}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe

"{74918C60-6D94-47F5-A813-2CF39A5672AA}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe

"{1CEA23D8-6EA7-4FC2-8681-E994B5BE7D8A}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe

"{D9FAD534-8285-4065-9AA4-3556434FB2B0}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe

"{3987C1E3-04CB-4619-9D5B-2A88EA3BE5DC}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe

"{9F6DCD7E-DBD8-4FA9-9BDA-C1AFE17822D9}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe

"{8CCB968A-AA72-4E72-B5C8-3D78BCA50F9B}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe:Acer Play Movie

"{09871E04-1BD7-406A-9EB5-B65EA982FF3F}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe:Acer Play Movie Resident Program

"{E32FD8C3-FD1B-4A6E-BA89-2C453029D234}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:Acer HomeMedia

"{EBEC2E1A-0234-4577-A003-137F5E901AF4}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

"{B6E3983C-B1B8-48EA-9495-804A3EBE471C}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

"{43D6A6D3-4C5D-43B7-B340-B9C863AD45BC}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

"{035F5CF9-8374-48E5-93F9-3C82A57AA27F}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes

"{F9197454-8898-404D-90F0-97AE07DBB148}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]

"EnableFirewall"= 0 (0x0)

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-12-29 22:13:08 61424]

R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]

R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-12-29 81504]

R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-05-22 24576]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2008-12-30 203280]

R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]

R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-12-29 122368]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [2008-05-23 210432]

R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [2008-05-23 54784]

R3 usbfilter;AMD USB Filter Driver;c:\windows\System32\drivers\usbfilter.sys [2008-12-30 22072]

S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-29 24064]

S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [2008-05-22 93968]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c20a596-d6c2-11dd-8cfd-001eecc91e83}]

\shell\AutoRun\command - G:\LaunchU3.exe -a

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

2008-05-22 c:\windows\Tasks\McDefragTask.job

- c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]

2008-05-22 c:\windows\Tasks\McQcTask.job

- c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]

.

- - - - TOMME PEKERE FJERNET - - - -

HKLM-Run-eRecoveryService - (no file)

.

------- Tilleggsskanning -------

.

mStart Page = hxxp://no.intl.acer.yahoo.com

mDefault_Page_URL = hxxp://no.intl.acer.yahoo.com

uInternet Settings,ProxyOverride = *.local

IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

FF - ProfilePath - c:\users\Hans Martin\AppData\Roaming\Mozilla\Firefox\Profiles\g8ahkw8y.default\

FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-02-12 10:53:59

Windows 6.0.6001 Service Pack 1 NTFS

skanner skjulte prosesser ...

skanner skjulte autostart-oppføringer ...

skanner skjulte filer ...

skanning vellykket

skjulte filer: 0

**************************************************************************

.

--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

- - - - - - - > 'Explorer.exe'(3968)

c:\program files\McAfee\SiteAdvisor\saHook.dll

c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll

c:\windows\System32\SysHook.dll

.

Tidspunkt ferdig: 2009-02-12 10:59:13

ComboFix-quarantined-files.txt 2009-02-12 09:58:57

Pre-Run: 68 828 147 712 byte ledig

Post-Run: 71,253,327,872 byte ledig

220 --- E O F --- 2009-02-12 07:07:43

HJT

Klikk for å se/fjerne innholdet nedenfor

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:02:52, on 12.02.2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe

C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe

C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Windows\Explorer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe

C:\Windows\explorer.exe

C:\Users\Hans Martin\Downloads\test.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...p;m=aspire_5530

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.intl.acer.yahoo.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey

O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"

O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"

O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 9667 bytes

11. februar 2009

Hadde et ganske likt scenario selv for noen mnd siden. Forskjellen var vel at jeg tok steget å kysset henne. Dagen etterpå turde jeg ikke å ta kontakt Angrer bittert på dette da jeg er ganske sikker på at det kunne blitt noe mer.

Så nå noen mnd senere går det ikke en dag uten at jeg tenker på henne, men nå føler jeg liksom at det blir for sent.

Så mitt råd til deg er å ikke vente, du vil angre på det. Svarer hun ikke på mld, så ringer du, da får du vertfall "sannheten".

Logg inn

Enya

Innlegg

Ble med

Besøkte siden sist

Innholdstype

Profiler

Forum

Hendelser

Blogger

Om forumet

Innlegg skrevet av Enya

Kan noen se over loggene?

Påkjørt bakfra, men med vikeplikt?

Dimme pga dårlig rygg?

Dimme pga dårlig rygg?

Dimme pga dårlig rygg?

Eksamen, norsk muntlig - Litteraturhistorie 1800-1890. Tips til problemstilling?

Eksamen, norsk muntlig - Litteraturhistorie 1800-1890. Tips til problemstilling?

Hva savner du akkurat no?

Eksamen i Fysikk 2 våren 2009

Eksamen i Fysikk 2 våren 2009

Tradisjonell barbering og utstyr

Tradisjonell barbering og utstyr

Noen som gidder å se over loggene?

Noen som gidder å se over loggene?

Tradisjonell barbering og utstyr

Har jeg malware?

[Løst]Finne cosV med cosinussetningen

Tips til program..

Manchester United

Analysering av logger

Analysering av logger

MSI Wind Notebook tråden

Virus, logger er med.

Virus, logger er med.

Ta kontakt dagen etter?