ComboFix 10-07-07.02 - Slawomir 08-07-2010 21:10:23.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.45.1033.18.2814.1824 [GMT 2:00]
Kører fra: c:\program files\gamigo AG\ComboFix.exe
Kommandoer benyttet :: c:\program files\gamigo AG\CFScript.txt
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.
((((((((((((((((((((((((((((( Filer skabt fra 2010-06-08 til 2010-07-08 )))))))))))))))))))))))))))))))))))
.
2010-07-07 15:13 . 2010-07-07 15:14 -------- d-----w- C:\Python31
2010-07-07 15:11 . 2010-07-07 15:11 -------- d-----w- c:\program files\Blender Foundation
2010-07-03 17:40 . 2010-07-03 17:40 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-07-03 17:40 . 2010-07-03 17:40 -------- d-----w- c:\program files\NOS
2010-07-01 18:01 . 2010-07-01 18:01 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2010-07-01 17:52 . 2010-07-01 17:53 -------- d-----w- c:\program files\Common Files\Alias Shared
2010-07-01 17:32 . 2010-07-01 17:32 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-07-01 17:32 . 2010-07-01 17:32 -------- d-----w- c:\program files\Common Files\en-US
2010-07-01 17:32 . 2010-07-01 17:32 -------- d-----w- c:\program files\Common Files\ja-JP
2010-07-01 17:32 . 2010-07-01 17:52 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-07-01 17:23 . 2010-07-01 17:51 -------- d-----w- c:\program files\Autodesk
2010-07-01 17:11 . 2010-07-01 18:09 -------- d-----w- c:\documents and settings\Slawomir\Application Data\Autodesk
2010-07-01 17:11 . 2010-07-01 18:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2010-07-01 17:02 . 2010-07-01 17:02 -------- d-----w- C:\Autodesk
2010-07-01 16:14 . 2010-07-01 16:14 -------- d-----w- c:\documents and settings\Slawomir\Application Data\Indigo Renderer
2010-07-01 16:01 . 2010-07-01 18:33 -------- d-----w- c:\program files\Maya
2010-07-01 16:01 . 2010-07-01 23:19 -------- d-----w- c:\program files\Common Files\Akamai
2010-07-01 15:59 . 2010-07-01 15:59 -------- d-----w- c:\documents and settings\Slawomir\Application Data\Geometric
2010-07-01 15:59 . 2010-07-01 15:59 -------- d-----w- c:\program files\3DPaintBrush
2010-06-30 22:20 . 2010-06-30 22:27 -------- d-----w- c:\program files\Truck_Racing_By_Renault_Trucks
2010-06-29 13:15 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-06-29 06:55 . 2010-06-29 06:55 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-06-27 07:36 . 2010-06-27 07:36 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2010-06-27 07:33 . 2010-07-01 15:07 -------- d-----w- c:\documents and settings\Slawomir\Application Data\HpUpdate
2010-06-27 07:33 . 2010-06-27 07:33 -------- d-----w- c:\windows\Hewlett-Packard
2010-06-27 06:37 . 2010-06-27 06:45 -------- d-----w- c:\documents and settings\Slawomir\Local Settings\Application Data\ZoneAlarm
2010-06-27 06:37 . 2010-06-27 06:37 -------- d-----w- c:\program files\ZoneAlarm
2010-06-27 06:30 . 2010-07-08 19:23 -------- d-----w- c:\windows\Internet Logs
2010-06-27 06:05 . 2010-06-27 06:44 -------- d-----w- c:\documents and settings\Slawomir\Local Settings\Application Data\Conduit
2010-06-27 06:05 . 2010-06-27 06:05 -------- d-----w- c:\program files\Conduit
2010-06-24 20:54 . 2010-06-24 20:54 -------- d-----w- c:\windows\DEA314C409294250BC9298E4C105F28D.TMP
2010-06-24 08:11 . 2010-06-24 08:11 -------- d-----w- c:\windows\system32\winrm
2010-06-24 08:11 . 2010-06-24 08:12 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2010-06-23 10:05 . 2010-06-23 18:36 -------- d-----w- c:\documents and settings\Slawomir\Local Settings\Application Data\Unity
2010-06-23 09:43 . 2010-06-23 09:43 -------- d-----w- c:\program files\TurnTool
2010-06-23 09:43 . 2010-06-23 09:43 -------- d-----w- c:\documents and settings\Slawomir\Local Settings\Application Data\TurnTool
2010-06-22 19:48 . 2010-06-22 19:48 -------- d-----w- c:\documents and settings\Slawomir\Local Settings\Application Data\Kunos_Simulazioni
2010-06-22 19:38 . 2010-06-22 19:47 -------- d-----w- c:\program files\nkpro11
2010-06-20 08:22 . 2010-06-20 08:43 -------- d-----w- c:\documents and settings\Slawomir\Application Data\nHancer
2010-06-20 08:21 . 2010-06-20 08:26 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA
2010-06-20 08:21 . 2010-06-20 08:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Caphyon
2010-06-20 08:21 . 2010-06-20 08:24 -------- d-----w- c:\documents and settings\All Users\Application Data\nHancer
2010-06-20 07:48 . 2010-06-20 07:48 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-06-12 23:17 . 2010-06-23 17:51 -------- d-----w- c:\program files\Mohawk Voice
2010-06-11 11:53 . 2010-06-20 07:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
2010-06-11 07:17 . 2010-06-11 07:17 -------- d-----w- c:\documents and settings\Slawomir\Application Data\Leadertech
2010-06-11 07:17 . 2010-06-11 07:17 -------- d-----w- c:\documents and settings\Slawomir\Local Settings\Application Data\Logishrd
2010-06-11 07:15 . 2010-06-11 07:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Logishrd
2010-06-11 07:02 . 2010-06-11 07:03 -------- d-----w- c:\documents and settings\Slawomir\Application Data\Logishrd
2010-06-09 16:35 . 2010-06-09 16:57 -------- d-----w- C:\10fae33e86ed8159a4
2010-06-09 15:38 . 2010-05-06 10:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-08 19:10 . 2010-04-18 13:37 -------- d-----w- c:\program files\gamigo AG
2010-07-07 19:21 . 2010-04-21 08:27 -------- d-----w- c:\program files\Steam
2010-07-07 14:58 . 2010-07-01 07:13 3511816 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-07-06 15:43 . 2010-04-18 11:39 -------- d-----w- c:\documents and settings\Slawomir\Application Data\Skype
2010-07-06 14:43 . 2010-04-18 16:39 -------- d-----w- c:\documents and settings\Slawomir\Application Data\skypePM
2010-07-03 12:48 . 2010-04-18 13:06 -------- d-----w- c:\program files\rFactor
2010-07-02 13:32 . 2010-04-18 11:47 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-06-29 16:26 . 2010-04-18 11:36 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-06-28 20:57 . 2010-04-18 11:13 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2010-04-18 11:14 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2010-04-18 11:14 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2010-04-18 11:14 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2010-04-18 11:14 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 20:32 . 2010-04-18 11:14 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 20:32 . 2010-04-18 11:14 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 20:32 . 2010-04-18 11:14 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-27 07:35 . 2010-04-19 23:34 -------- d-----w- c:\program files\HP
2010-06-27 07:06 . 2010-04-18 14:03 -------- d-----w- c:\program files\Opera
2010-06-27 07:04 . 2010-04-26 08:20 -------- d-----w- c:\program files\BurnAware Free
2010-06-27 07:02 . 2010-04-26 08:17 -------- d-----w- c:\program files\Defraggler
2010-06-27 07:00 . 2010-04-18 11:51 -------- d-----w- c:\program files\CCleaner
2010-06-27 06:36 . 2010-04-19 14:56 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-06-27 06:36 . 2010-06-27 06:36 -------- d-----w- c:\program files\Zone Labs
2010-06-24 20:53 . 2010-04-18 09:56 -------- d-----w- c:\program files\NVIDIA Corporation
2010-06-24 20:53 . 2010-04-18 09:57 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-06-23 18:35 . 2010-05-04 20:16 -------- d-----w- c:\program files\ZaZ Gp4 tools
2010-06-23 18:34 . 2010-04-26 13:27 -------- d-----w- c:\program files\FreeTrack
2010-06-23 18:34 . 2010-05-03 13:11 -------- d-----w- c:\program files\Race2Play
2010-06-23 18:27 . 2010-06-08 12:24 -------- d-----w- c:\program files\ui
2010-06-23 18:12 . 2010-06-08 12:24 1733 ----a-w- c:\program files\gmax.ini
2010-06-23 11:51 . 2010-06-27 06:36 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2010-06-23 11:51 . 2010-06-27 06:36 69120 ----a-w- c:\windows\system32\zlcomm.dll
2010-06-23 11:51 . 2010-06-27 06:36 103936 ----a-w- c:\windows\system32\zlcommdb.dll
2010-06-22 07:05 . 2010-04-25 19:18 -------- d-----w- c:\program files\FlightGear
2010-06-11 07:36 . 2010-06-08 12:50 64 ----a-w- c:\program files\maxscrpt.dsk
2010-06-11 07:17 . 2010-04-18 16:29 -------- d-----w- c:\program files\Common Files\Logishrd
2010-06-11 07:16 . 2010-04-18 12:38 -------- d-----w- c:\program files\Logitech
2010-06-11 07:13 . 2010-04-18 12:38 -------- d-----w- c:\program files\Common Files\Logitech
2010-06-11 07:11 . 2010-04-18 09:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-11 07:02 . 2010-04-18 12:46 -------- d-----w- c:\documents and settings\Slawomir\Application Data\Logitech
2010-06-11 06:42 . 2010-04-26 08:16 -------- d-----w- c:\documents and settings\Slawomir\Application Data\WinPatrol
2010-06-09 14:42 . 2010-04-18 11:37 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-06-08 13:04 . 2010-06-08 13:03 359 ----a-w- c:\program files\gmax.log
2010-06-08 12:41 . 2010-06-08 12:24 -------- d-----w- c:\program files\autoback
2010-06-08 12:27 . 2010-06-08 12:26 -------- d-----w- c:\program files\PlugCFG
2010-06-08 12:26 . 2010-06-08 12:26 124 ----a-w- c:\program files\plugin.ini
2010-06-08 12:26 . 2010-06-08 12:26 -------- d-----w- c:\program files\Help
2010-06-04 09:07 . 2010-06-04 09:07 -------- d-----w- c:\documents and settings\All Users\Application Data\e-Safekey
2010-06-04 08:47 . 2010-04-18 11:44 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-04 07:58 . 2010-06-04 07:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Synetic
2010-06-04 07:57 . 2010-06-04 07:56 -------- d-----w- c:\program files\Ferrari Virtual Race
2010-06-04 07:56 . 2010-06-04 07:54 -------- d-----w- c:\program files\BMW M3 Challenge
2010-06-03 15:15 . 2010-04-23 14:59 139920 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-03 15:15 . 2010-05-14 19:34 214808 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-03 14:38 . 2010-04-18 16:34 -------- d-----w- c:\program files\Electronic Arts
2010-06-02 09:06 . 2010-04-18 16:44 -------- d-----w- c:\documents and settings\Slawomir\Application Data\TS3Client
2010-06-02 08:34 . 2010-04-18 16:44 -------- d-----w- c:\documents and settings\All Users\Application Data\boost_interprocess
2010-06-02 02:55 . 2010-06-22 19:42 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-06-02 02:55 . 2010-06-22 19:42 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-02 02:55 . 2010-06-22 19:42 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-06-01 22:46 . 2010-06-01 22:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Electronic Arts
2010-06-01 17:37 . 2010-04-18 11:34 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-31 23:03 . 2010-05-31 23:03 -------- d-----w- c:\program files\IIS
2010-05-31 22:59 . 2010-04-18 11:42 -------- d-----w- c:\program files\Microsoft
2010-05-30 14:17 . 2010-05-29 11:52 -------- d-----w- c:\documents and settings\Slawomir\Application Data\FileZilla
2010-05-29 11:54 . 2010-04-26 08:16 -------- d-----w- c:\program files\FileZilla FTP Client
2010-05-28 10:58 . 2010-04-18 09:58 600680 ----a-w- c:\windows\system32\nvuninst.exe
2010-05-28 07:48 . 2010-04-18 16:28 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-05-28 07:47 . 2010-04-18 11:49 -------- d-----w- c:\program files\SpywareBlaster
2010-05-28 07:09 . 2010-04-18 11:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-26 20:34 . 2010-05-26 20:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Codemasters
2010-05-26 20:08 . 2010-04-18 13:57 -------- d-----w- c:\program files\McAfee
2010-05-26 19:56 . 2010-04-19 19:41 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-05-26 19:56 . 2010-04-19 19:41 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-05-26 19:56 . 2010-05-26 19:55 -------- d-----w- c:\program files\OpenAL 1.1 SDK
2010-05-26 09:41 . 2010-06-22 19:42 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-05-26 09:41 . 2010-06-22 19:42 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-05-26 09:41 . 2010-06-22 19:42 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-05-26 09:41 . 2010-06-22 19:42 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-05-26 09:41 . 2010-06-22 19:42 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-05-24 17:56 . 2010-05-24 17:56 -------- d-----w- c:\program files\Audacity 1.3
2010-05-24 14:58 . 2010-04-27 11:01 449044 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-507921405-1647877149-1801674531-1003-0.dat
2010-05-24 14:58 . 2010-04-27 11:01 161034 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2010-05-24 09:16 . 2010-05-10 12:22 -------- d-----w- c:\program files\BobsTrackBuilder
2010-05-24 08:35 . 2010-05-11 13:00 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-05-19 20:04 . 2010-04-18 11:38 -------- d-----w- c:\documents and settings\Slawomir\Application Data\TeamViewer
2010-05-19 17:45 . 2010-05-19 17:14 -------- d-----w- c:\program files\ACW
2010-05-19 15:23 . 2010-05-19 15:23 -------- d-----w- c:\program files\ETRON
2010-05-19 10:36 . 2010-05-19 10:36 -------- d-----w- c:\program files\Microsoft XNA
2010-05-19 10:36 . 2010-05-19 10:36 -------- d-----w- c:\program files\VRhome
2010-05-17 19:25 . 2010-05-17 19:25 151552 ----a-w- c:\windows\system32\nvRegDev.dll
2010-05-16 11:06 . 2010-04-18 13:56 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-14 21:30 . 2010-05-14 21:30 -------- d-----w- c:\program files\Supertintin for Skype
2010-05-14 21:13 . 2010-04-18 11:39 -------- d-----r- c:\program files\Skype
2010-05-14 21:13 . 2010-04-18 11:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-05-14 21:13 . 2010-05-14 21:13 -------- d-----w- c:\program files\Common Files\Skype
2010-05-14 19:33 . 2010-05-14 19:33 -------- d-----w- c:\documents and settings\Slawomir\Application Data\Need for Speed World Online
2010-05-14 19:33 . 2010-05-14 19:33 -------- d-----w- c:\documents and settings\Slawomir\Application Data\Need for Speed World
2010-05-14 18:23 . 2010-04-26 08:12 -------- d-----w- c:\program files\Google
2010-05-13 19:38 . 2010-04-18 14:00 -------- d-----w- c:\documents and settings\Slawomir\Application Data\Winamp
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]
[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
2010-05-09 09:50 2517088 ----a-w- c:\program files\ZoneAlarm\tbZone.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]
[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD}"= "c:\program files\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]
[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-07-02 2403568]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2010-04-18 32768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-09-16 153608]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-02-18 357448]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-02-18 1573448]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-02-18 3203144]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2010-05-31 323976]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-05-18 1311312]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2010-05-26 730600]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Slawomir\Start Menu\Programs\Startup\
Logitech . Produktregistrering.lnk - c:\program files\Common Files\Logishrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
Secunia PSI.lnk - c:\program files\Secunia\PSI\psi.exe [2009-8-21 900816]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2010-4-18 450560]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
backup=c:\windows\pss\Adobe Gamma Loader.exe.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BlueSoleil.lnk
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Hurtig start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Hurtig start.lnk
backup=c:\windows\pss\HP Photosmart Premier Hurtig start.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Slawomir^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\Slawomir\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
c:\windows\system32\dumprep 0 -u [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 00:12 110592 ----a-w- c:\windows\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GAINWARD]
2009-10-05 16:03 2174976 ----a-w- c:\program files\EXPERTool\TBPANEL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
2010-04-18 12:28 2938552 ----a-w- c:\program files\Pando Networks\Media Booster\PMB.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2008-11-07 12:31 21633320 ----a-r- c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\supertintin_skype]
2010-01-10 10:23 1045504 ----a-w- c:\program files\Supertintin for Skype\supertintin_skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\gamigo AG\\LevelR\\LevelR.bin"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\THQ\\Juiced2_HIN\\Juiced2_HIN.exe"=
"c:\\Program Files\\Steam\\steamapps\\weblife499\\race\\Race_Steam.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\rFactor\\rFactor.exe"=
"c:\\Program Files\\Codemasters\\GRID\\GRID.exe"=
"c:\\Program Files\\Steam\\steamapps\\xvid970\\condition zero\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\xvid970\\counter-strike\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\shattered_horizon\\client_exe\\shattered_horizon.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56189:TCP"= 56189:TCP:Pando Media Booster
"56189:UDP"= 56189:UDP:Pando Media Booster
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [18-04-2010 13:14 165456]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17-02-2010 11:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [17-02-2010 11:15 67656]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18-04-2010 13:14 17744]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [26-05-2010 15:35 26352]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [26-05-2010 15:35 493032]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [18-04-2010 14:39 10448]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [18-04-2010 15:57 93320]
R2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [27-12-2007 15:39 51816]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [23-11-2009 17:37 19720]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [18-04-2010 14:50 14856]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [18-04-2010 11:58 58600]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [17-06-2009 14:20 12648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-03-2010 13:16 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [26-04-2010 10:12 136176]
S2 LeverageService;LeverageService;c:\program files\Pragmatic Solutions Inc\LeverageService\LeverageService.exe [23-11-2009 15:25 44544]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03-11-2006 19:19 13592]
S3 adxapie;adxapie;\??\c:\docume~1\Slawomir\LOCALS~1\Temp\adxapie.sys --> c:\docume~1\Slawomir\LOCALS~1\Temp\adxapie.sys [?]
S3 MsDepSvc;Web Deployment Agent Service;c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe [19-01-2010 17:49 55184]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [17-02-2010 11:15 12872]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [10-08-2004 14:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-03-2010 13:16 753504]
S4 0291061274904538mcinstcleanup;McAfee Application Installer Cleanup (0291061274904538);c:\windows\TEMP\029106~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\windows\TEMP\029106~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]
S4 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [10-08-2004 14:00 14336]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [23-07-2009 05:08 47128]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [30-03-2009 03:09 239336]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [30-03-2009 03:23 366936]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
Akamai REG_MULTI_SZ Akamai
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Indhold af mappen 'Planlagte Opgaver'
2010-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-26 08:12]
2010-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-26 08:12]
2010-07-08 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2010-03-25 19:40]
2010-07-08 c:\windows\Tasks\User_Feed_Synchronization-{E4293555-C6BF-4EB9-A6B0-8A404BA40440}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/
uInternet Connection Wizard,ShellNext = iexplore
IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/acti ... afekey.cab
FF - ProfilePath - c:\documents and settings\Slawomir\Application Data\Mozilla\Firefox\Profiles\w34m32jy.default\
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: c:\documents and settings\Slawomir\Application Data\Mozilla\Firefox\Profiles\w34m32jy.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\program files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Web Platform Installer\NPWPIDetector.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\Opera\program\plugins\NPJPI142_19.dll
FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLITIKKER ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - TOMME GENVEJE FJERNET - - - -
HKLM-Run-nwiz - nwiz.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-08 21:27
Windows 5.1.2600 Service Pack 3 NTFS
scanner skjulte processer ...
scanner skjulte autostarter ...
scanner skjulte filer ...
c:\windows\TEMP\TMP0000006B086C9B5EDF6B66CD 524288 bytes
scanning gennemført med succes
skjulte filer: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Akamai]
"ServiceDll"="C:/Program Files/Common Files/Akamai/rswin_3725.dll"
—
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\MsDepSvc]
"ImagePath"="\"c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe\" -runService:MsDepSvc"
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Akamai]
"ServiceDll"="C:/Program Files/Common Files/Akamai/rswin_3725.dll"
.——————————- LÅSTE REGISTRERINGS NØGLER——————————-
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.——————————- DLLs startet under kørende Processer——————————-
- - - - - - - > 'winlogon.exe'(788)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
- - - - - - - > 'lsass.exe'(844)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
- - - - - - - > 'explorer.exe'(5060)
c:\windows\system32\WININET.dll
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\docume~1\Slawomir\LOCALS~1\Temp\IadHide5.dll
c:\program files\BillP Studios\WinPatrol\PATROLPRO.DLL
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.————————————Andre kørende processer————————————
. c:\windows\system32\nvsvc32.exe
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDMedia.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDClock.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDPop3.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDRSS.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\dllhost.exe
c:\windows\eHome\ehmsas.exe
. **************************************************************************
. Gennemført tid: 2010-07-08 21:35:36 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2010-07-08 19:35
Pre-Kørsel: 131.367.288.832 bytes free
Post-Kørsel: 131.533.238.272 byte ledig
- - End Of File - - 405F54FB9A2A45DBDBC39BB44F8B9D86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:37:39, on 09-07-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Pragmatic Solutions Inc\LeverageService\LeverageService.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Logitech . Produktregistrering.lnk = C:\Program Files\Common Files\Logishrd\eReg\SetPoint\eReg.exe
O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se6087.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1593759156
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/acti ... afekey.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: bw+0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: offline-8876480 - {C541EBC6-4638-4F16-826A-6AC9D6929352} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LeverageService - Unknown owner - C:\Program Files\Pragmatic Solutions Inc\LeverageService\LeverageService.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
—
End of file - 25418 bytes