---

hej
når jeg trykker på et youtube link i et forum ender jeg på en forkert side (http://www.miaminews365.net/). Er der nogen der kender til dette problem?

det samme sker hvis jeg kopierer adressen ind i adresse linien

har kørt spyware doctor

fredeSplit

---

http://www.miaminews365.net/
BE APPY __ tror ikke de ligger flere dårlige film ud mere.


ELLER VAR DET DIT LINK DER VAR GALT MED

---

Ellers prøv disse sider_
OG VÆR GLAD FOR DU IKKE altid bliver VIDERESTILLET.

---

http://www.kandu.dk/tip16593.aspx

Det er ikke den du har prøvet

---

sIDEN KAN SIKKERT IKKE VISES, GRUNDET DIN EGEN SIKKERHED....----

Så alt i ALT, godt_nok

---

disken:
hvis en har lagt et link til youtube på feks en forumside og jeg klikker på det ender jeg på den side,
istedet for at komme til youtube.

ved godt man bare kan søge på youtune men undrede mig bare over det. og det er også lidt feder hvis man klikke på linket og komme det rigtige sted hen :)

det er ikke sket før

---

YouTube links i forums, kan meget vel være spamlinks, der går til sider der er fuld af virus, spyware, og anden malware. Så generelt, lade være med at klikke på dem. Det du har lagt ind, kan sagtens være sådan et, netop fordi det bliver omdirigeret.

TIL ANDRE BRUGERE: LAD VÆRE MED AT KLIKKE PÅ DET LINK

---

Kan du vil med at spille russisk roulette

---

disken
hvasd skulle jeg bruge de sider til,eller er du bare sjov

de youtube film jeg ser er stortset kun fodbold klip
undskyld tonen forstår bare ikke lige det indlæg

---

SGU da ikke mig der smider linket, retter det kun, og kan sige,
Kandu bliver langsommere for hvert KLIK.




Aner det IKKE, men som REGEL ==? bliver d viderestillet
Så er der som regel SKIDT PÅ SIDEB.

DER JEG VILLE HEN

Kan se DET ikke var kandu, der blev langsom, efter er
besøg på ovennævnte SIDE


C jar
Det tager lang tid at skrive nu___IGEN
LOL Tager/ lige 5 sek at skrive dette.

---

Vil nu nok sige efter endnu et PAR """genstartér ??? at kandu kører på lånte /genbrugs==scripst
Da min curser er langsom, og den fejlmelding fik jeg i Fredags.
FØRSTE GANG JEG SÅ DET _ men hvad
Ikke første GANG, der er nogen der leger med denne side.
Og ikke TILLOD at køre X ér+ JAVA+ andet , på denne, siden altså
Genstarter før den lukke ned af sig selv LOL

---

Du må ikke klikke på YouTube links nogensteder, banditterne misbruger Youtube for at logge intetanende internet brugere ind på deres befængte sider, gå ind på YouTube og find selv det du ønsker, der er en udmærket søgefunktion på siden: http://www.youtube.com og YouTube fejler ikke noget, det farlige er de links som man tror føre til en sjov film, men fylder computeren med skidt og møj, hvis du endelig vil ind på YouTube via links, så hold det ene øje på nederste værktøjs linje i browseren, når du holder musemarkøren over linket, vises den virkelige adresse dernede, og står der ikke det samme som der står på linjen du gerne vil klikke på, så lad være at klikke

---

TAGGERR


IT

MENNESKET___?? SIGER MANGE ____________________ TAGGER

SELV_____________________TÆNKENDE /// KAT
SÅ KUNNE JEG FÅ GANG I MIT too___________________LOL
ALT ANDET /// HAR gATES TABT på l--------------------------------------------------------------------------------
Du må ikke klikke på YouTube links nogensteder, banditterneo

upsssssssssssssssssssssssssssss KOM TIL AT KLIKKE PÅEN aDOBE


dos

---

tak for hjælpen
angående mit link så er jeg ked af at jeg postede det. det var selvfølgelig tankeløst

jeg skal åbenbart igang med noget "detektiv arbejde" da jeg ikke engang kan skrive youtube adressen selv uden at ende på den anden-forkerte- side

---

Det kan være en god ide at checke computeren, prøv med Hijackthis, vejledning og download link her: http://sptlarsenserious.googlepages.com/HijackThis så vil en af os hjælpe dig med at rense computeren, jeg kommer ikke ind igen før efter midnat, skal på arbejde om lidt

---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:24:09, on 18-09-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\ccProxy.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
C:\Programmer\Norton Internet Security\ISSVC.exe
C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
C:\Programmer\Fælles filer\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Programmer\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmer\Java\jre1.6.0_01\bin\jusched.exe
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe
C:\Programmer\Logitech\QuickCam\Quickcam.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\HP\Digital Imaging\bin\hpqimzone.exe
C:\Programmer\Fælles filer\Logishrd\LQCVFX\COCIManager.exe
C:\Programmer\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmer\Java\jre1.6.0_01\bin\jucheck.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Fælles filer\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programmer\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programmer\HJTrenamed.exe
C:\Programmer\Messenger\msmsgs.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=DK&range=AD&phase=6&key=SEARCH
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fck.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\dan.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ChangerBHO Class - {0edc6c20-a31c-11db-8ab9-0800200c9a66} - C:\WINDOWS\system32\adsldps.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmer\Fælles filer\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmer\Fælles filer\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmer\Fælles filer\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Programmer\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKCU\..\Run: [updateMgr] "C:\Programmer\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\dan.htm
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O23 - Service: Automatisk LiveUpdate-planlægning - Symantec Corporation - C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programmer\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programmer\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NBService - Nero AG - C:\Programmer\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmer\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Programmer\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SPBBC\SPBBCSvc.exe

--
End of file - 10467 bytes

---

HJT viser ikke noget "snavs", men derfor kan der godt være noget alligevel. Lad os lige tage et grundigt tjek af din maskine:

------------------------------------------------------------------------------

Hent Combofix, og gem den på dit skrivebord:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Kør så combofix.exe, og følg vejledningen i vinduet.

Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når combofix er færdig, og efter det har genstartet, skulle der gerne åbnes en logfil: combofix.txt som kan findes her-C:\combofix.txt

Kopier loggen her ind.

------------------------------------------------------------------------------

Hent og dobbeltklik denne fil. Den pakker sig ud til C:\SDFix:
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

Genstart i fejlsikret, hvis du ikke ved hvordan så kig her (Scroll ned til "Sådan får du adgang til fejlsikret tilstand") http://kimludvigsen.dk/tips-windows-fejlsikret.html


Gå så ind i mappen SDFix på C drevet. Dobbeltklik på filen RunThis.bat, for at starte værktøjet. Tryk "y" for at bekræfte, at du kører værktøjet på egen risiko. Så vil værktøjet gå i gang med at fjerne trojanservicen, og lave et par reparationer af registreringsdatabasen. På et tidspunkt vil det bede dig om at trykke en taste for at genstarte computeren. Det skal du gøre, hvorefter computeren vil genstarte efter 15 sekunder.

Genstarten vil tage lidt længere end sædvanligt, idet værktøjet skal have tid til at udføre sit arbejde. Når skrivebordet dukker op, vil værktøjet skrive "Finished". Tryk herefter en taste for at indlæse dine skrivebordsikoner igen.

Åben så SDFix-mappen, find filen Report.txt, og kopier indholdet af denne fil herind.

-----------------------------------------------------------------------------

Dit java er også lidt for gammelt, så det bør du opdatere til nyeste version. Se mere her http://www.malwarecheck.dk/forum/viewtopic.php?t=54

------------------------------------------------------------------------------

Jeg vil forslå, at du også lige renser ud med filen i Trin 5 her http://www.malwarecheck.dk/forum/viewtopic.php?t=11

---

er det normalt at Combofix tager så lang tid. det virker ikke som at der sker noget

---

Nej, den burde ikke tage ret lang tid. Prøv at køre den i fejlsikret tilstand.

---

ComboFix 07-09-18.4 - "bo" 2007-09-18 21:35:08.1 - NTFSx86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1030.18.276 [GMT 2:00]
.

((((((((((((((((((((((((( Files Created from 2007-08-18 to 2007-09-18 )))))))))))))))))))))))))))))))
.

2007-09-18 17:22   51,200   --a------   C:\WINDOWS\NirCmd.exe
2007-09-18 15:23   401,720   --a------   C:\Programmer\HJTrenamed.exe
2007-09-16 19:36   21,504   --a------   C:\WINDOWS\system32\adsldps.dll
2007-09-15 19:28   <DIR>   d--------   C:\Programmer\WMA-MP3.com
2007-09-15 18:16   <DIR>   d--------   C:\Converted
2007-09-15 18:13   513,152   --a------   C:\WINDOWS\system32\drivers\DrmCDriverV32.sys
2007-09-15 18:13   2,688   --a------   C:\WINDOWS\system32\drivers\DrmCVideo32.sys
2007-08-27 23:27   490,008   --a------   C:\WINDOWS\system32\LVUI2.dll
2007-08-27 23:27   465,432   --a------   C:\WINDOWS\system32\LVUI2RC.dll
2007-08-27 23:27   416,280   --a------   C:\WINDOWS\system32\lvcodec2.dll
2007-08-27 23:27   41,752   --a------   C:\WINDOWS\system32\drivers\LVUSBSta.sys
2007-08-27 23:27   3,599,000   --a------   C:\WINDOWS\system32\drivers\lvuvc.sys
2007-08-27 23:27   22,296   --a------   C:\WINDOWS\system32\drivers\lvuvcflt.sys
2007-08-27 23:27   195,096   --a------   C:\WINDOWS\system32\lvci1110.dll
2007-08-27 23:27   19,344   --a------   C:\WINDOWS\system32\Repository.reg
2007-08-27 23:27   1,920,920   --a------   C:\WINDOWS\system32\drivers\lvpopflt.sys
2007-08-27 23:25   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
2007-08-27 23:25   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
2007-08-23 17:30   59,904   --a------   C:\WINDOWS\system32\Mscc2fr.dll
2007-08-23 17:30   32,768   --a------   C:\WINDOWS\system32\CMDLGFR.DLL
2007-08-23 17:30   21,504   --a------   C:\WINDOWS\system32\TABCTFR.DLL
2007-08-23 17:30   15,360   --a------   C:\WINDOWS\system32\inetfr.DLL
2007-08-23 17:30   141,312   --a------   C:\WINDOWS\system32\MSCMCFR.DLL
2007-08-23 17:30   119,568   --a------   C:\WINDOWS\system32\VB6FR.DLL
2007-08-23 17:30   101,888   --a------   C:\WINDOWS\system32\VB6STKIT.DLL

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-18 15:24   10469   --a------   C:\Programmer\hijackthis.log
2007-09-17 21:39   ---------   d-a------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
2007-09-16 23:45   ---------   d--------   C:\DOCUME~1\bo\APPLIC~1\uTorrent
2007-09-08 14:17   0   --a------   C:\WINDOWS\system32\drivers\lvuvc.hs
2007-08-27 23:25   ---------   d--------   C:\Programmer\Logitech
2007-08-26 16:00   ---------   d--------   C:\Programmer\DivX
2007-08-04 18:47   ---------   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
2007-07-30 19:19   92504   --a------   C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 19:19   92504   --a------   C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19   549720   --a------   C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19   549720   --a------   C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 19:19   53080   --a------   C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19   53080   --a------   C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 19:19   43352   --a------   C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19   325976   --a------   C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19   325976   --a------   C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 19:19   203096   --a------   C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19   203096   --a------   C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 19:19   1712984   --a------   C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:19   1712984   --a------   C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 19:18   33624   --a------   C:\WINDOWS\system32\wups.dll
2007-07-30 19:18   33624   --a------   C:\WINDOWS\system32\dllcache\wups.dll
2007-07-24 12:49   ---------   d--------   C:\Programmer\CD-Cover Editor
2007-07-20 18:40   ---------   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
2007-07-20 18:35   ---------   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
2007-07-20 00:39   2142488   --a------   C:\WINDOWS\system32\drivers\LVMVdrv.sys
2007-07-20 00:37   2109592   --a------   C:\WINDOWS\system32\drivers\Lvckap.sys
2007-07-19 23:51   85302   --a------   C:\WINDOWS\system32\drivers\LVFeL002.cfg
2007-07-19 23:51   69592   --a------   C:\WINDOWS\system32\drivers\LVFaL000.cfg
2007-07-19 23:51   227172   --a------   C:\WINDOWS\system32\drivers\LVFeL000.cfg
2007-07-19 23:51   146680   --a------   C:\WINDOWS\system32\drivers\LVFeL001.cfg
2007-07-18 17:42   25624   --a------   C:\WINDOWS\system32\drivers\LVPr2Mon.sys
2007-06-27 19:05   972072   --a------   C:\WINDOWS\UNNeroMediaHome.exe
2007-06-26 14:12   972072   --a------   C:\WINDOWS\UNNeroVision.exe
2006-02-19 03:28   12288   --a------   C:\WINDOWS\Fonts\RandFont.dll
   ---------      C:\Programmer\Fælles filer\Symantec Shared
   ---------      C:\Programmer\Fælles filer\LogiShrd
   ---------      C:\Programmer\Fælles filer\Ahead
   ---------      C:\Programmer\Fælles filer
2007-01-03 09:01:14   88   --sh--r   C:\WINDOWS\system32\0D8863C8F7.sys
2007-01-03 09:01:16   2,516   --sha-w   C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-27 14:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-27 14:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-27 14:00]
"VTTimer"="VTTimer.exe" [2005-03-08 03:33 C:\WINDOWS\system32\VTTimer.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-01-20 20:04 C:\WINDOWS\SOUNDMAN.EXE]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"ccApp"="C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe" []
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-01-28 11:10]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 11:31]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2006-11-30 18:56]
"TkBellExe"="C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" []
"QuickTime Task"="C:\Programmer\QuickTime\qttask.exe" [2007-02-16 10:54]
"HP Software Update"="C:\Programmer\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41]
"NeroFilterCheck"="C:\Programmer\Fælles filer\Ahead\Lib\NeroCheck.exe" []
"LogitechCommunicationsManager"="C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe" []
"LogitechQuickCamRibbon"="C:\Programmer\Logitech\QuickCam\Quickcam.exe" [2007-07-25 16:06]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Programmer\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Spyware Doctor"="C:\Programmer\Spyware Doctor\swdoctor.exe" /Q

C:\DOCUME~1\ALLUSE~1\MENUEN~1\PROGRA~1\Start\
Adobe Reader Hurtigstart.lnk - C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26]
HP Digital Imaging Monitor.lnk - C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]
HP Photosmart Premier Hurtig start.lnk - C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe [2006-02-10 07:56:20]
Microsoft Office.lnk - C:\Programmer\Microsoft Office\Office\OSA9.EXE [1999-02-17 15:05:56]

R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys
R0 viaagp;VIA AGP-busfilter;C:\WINDOWS\system32\DRIVERS\viaagp.sys
R0 viaagp1;VIA AGP Filter;C:\WINDOWS\system32\DRIVERS\viaagp1.sys
S2 Automatisk LiveUpdate-planlægning;Automatisk LiveUpdate-planlægning;"C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
S3 DrmCDriverV32;DrmCDriverV32;C:\WINDOWS\system32\drivers\DrmCDriverV32.sys
S3 DrmCVideo32;DrmCVideo32;C:\WINDOWS\system32\DRIVERS\DrmCVideo32.sys
S3 Via4in1;Via4in1;\??\C:\DOCUME~1\Ejer\Via4in1.sys

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2007-05-15 08:30:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
"2007-09-18 17:30:00 C:\WINDOWS\Tasks\Konfigurer min PC.job"
- C:\Apps\SMP\PCSETUP.EXE
.
**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-18 22:16:41
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\C:\WINDOWS\TEMP\mc21.tmp"
.
Completion time: 2007-09-18 22:17:25
.
   --- E O F ---

---

SDFix: Version 1.105

Run by bo on 18-09-2007 at 22:25

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

No Trojan Files Found




Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

Remaining Services:
------------------




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

Remaining Files:
---------------


Files with Hidden Attributes:

C:\Documents and Settings\bo\Lokale indstillinger\Application Data\Microsoft\Messenger\cph-dreaming@hotmail.com\Sharing Folders\morten_john_olsen@hotmail.com\Thumbs.db
C:\Documents and Settings\bo\Dokumenter\works\MSDE2000\SQLRESLD.DLL
C:\WINDOWS\system32\0D8863C8F7.sys
C:\WINDOWS\system32\KGyGaAvL.sys
C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp

Finished!

---

Bingo, der var den

Kopier nedenstående med fed skrift ind i Notesblok (kun Notesblok må anvendes)


File::
C:\WINDOWS\system32\adsldps.dll


Gem filen som en txt fil med navnet CFScript på samme sted som du har ComboFix.

Træk så CFScript.txt hen på Combofix ikonet, som vist her http://i204.photobucket.com/albums/bb106/Juliet702/CFScript-createdbyMiekiemoes.gif

Så vil Combofix starte, og måske genstarte maskinen.

Kopier indholdet af Combofix.txt her ind.

---

Hov, jeg overså da lige en

På den igen, sorry:


Kopier nedenstående med fed skrift ind i Notesblok (kun Notesblok må anvendes)


File::
C:\WINDOWS\TEMP\mc21.tmp

Registry::
[-HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mchInjDrv]


Gem filen som en txt fil med navnet CFScript på samme sted som du har ComboFix.

Træk så CFScript.txt hen på Combofix ikonet, som vist her http://i204.photobucket.com/albums/bb106/Juliet702/CFScript-createdbyMiekiemoes.gif

Så vil Combofix starte, og måske genstarte maskinen.

Kopier indholdet af Combofix.txt her ind.

Kom også med en frisk HijackThis log

---

SE BORT FRA MIT INDLÆG 19-09-07 01:20

Det viser sig, at SpywareDoctor bruger nogle filer, der til forveksling ligner noget malware.

Så følg min vejledning, til og med 18-09-07 22:55

---

Kan du virkelig alle disse inficerede filer pr. refleks eller har du en liste du kan se hvilke som måske godt må være der det ville have taget flere dage for mig at analysere den Combofix log, linje efter linje

---

lidt forsinket men her er cobo log
har ignoreret din anden post som du har skrevet jeg skulle :)

ComboFix 07-09-18.4 - "bo" 2007-09-19 20:44:12.4 - NTFSx86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1030.18.277 [GMT 2:00]
Command switches used :: C:\Documents and Settings\bo\Skrivebord\CFScript.txt

FILE::
C:\WINDOWS\system32\adsldps.dll
.

((((((((((((((((((((((((( Files Created from 2007-08-19 to 2007-09-19 )))))))))))))))))))))))))))))))
.

2007-09-19 16:47   271,224   --a------   C:\WINDOWS\system32\mucltui.dll
2007-09-18 23:51   <DIR>   d--------   C:\DOCUME~1\bo\APPLIC~1\Skype
2007-09-18 23:50   <DIR>   d--------   C:\Programmer\F‘lles filer\Skype
2007-09-18 23:50   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
2007-09-18 23:42   <DIR>   d--------   C:\Programmer\F‘lles filer\xing shared
2007-09-18 23:35   <DIR>   d--------   C:\Programmer\QuickTime
2007-09-18 23:33   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
2007-09-18 22:25   <DIR>   d--------   C:\WINDOWS\ERUNT
2007-09-18 17:22   51,200   --a------   C:\WINDOWS\NirCmd.exe
2007-09-18 15:23   401,720   --a------   C:\Programmer\HJTrenamed.exe
2007-09-15 19:28   <DIR>   d--------   C:\Programmer\WMA-MP3.com
2007-09-15 18:16   <DIR>   d--------   C:\Converted
2007-09-15 18:13   513,152   --a------   C:\WINDOWS\system32\drivers\DrmCDriverV32.sys
2007-09-15 18:13   2,688   --a------   C:\WINDOWS\system32\drivers\DrmCVideo32.sys
2007-08-27 23:27   490,008   --a------   C:\WINDOWS\system32\LVUI2.dll
2007-08-27 23:27   465,432   --a------   C:\WINDOWS\system32\LVUI2RC.dll
2007-08-27 23:27   416,280   --a------   C:\WINDOWS\system32\lvcodec2.dll
2007-08-27 23:27   41,752   --a------   C:\WINDOWS\system32\drivers\LVUSBSta.sys
2007-08-27 23:27   3,599,000   --a------   C:\WINDOWS\system32\drivers\lvuvc.sys
2007-08-27 23:27   22,296   --a------   C:\WINDOWS\system32\drivers\lvuvcflt.sys
2007-08-27 23:27   195,096   --a------   C:\WINDOWS\system32\lvci1110.dll
2007-08-27 23:27   19,344   --a------   C:\WINDOWS\system32\Repository.reg
2007-08-27 23:27   1,920,920   --a------   C:\WINDOWS\system32\drivers\lvpopflt.sys
2007-08-27 23:25   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
2007-08-27 23:25   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
2007-08-23 17:30   59,904   --a------   C:\WINDOWS\system32\Mscc2fr.dll
2007-08-23 17:30   32,768   --a------   C:\WINDOWS\system32\CMDLGFR.DLL
2007-08-23 17:30   21,504   --a------   C:\WINDOWS\system32\TABCTFR.DLL
2007-08-23 17:30   15,360   --a------   C:\WINDOWS\system32\inetfr.DLL
2007-08-23 17:30   141,312   --a------   C:\WINDOWS\system32\MSCMCFR.DLL
2007-08-23 17:30   119,568   --a------   C:\WINDOWS\system32\VB6FR.DLL
2007-08-23 17:30   101,888   --a------   C:\WINDOWS\system32\VB6STKIT.DLL

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-18 23:35   ---------   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
2007-09-18 23:33   ---------   d--------   C:\Programmer\Apple Software Update
2007-09-18 15:24   10469   --a------   C:\Programmer\hijackthis.log
2007-09-17 21:39   ---------   d-a------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
2007-09-16 23:45   ---------   d--------   C:\DOCUME~1\bo\APPLIC~1\uTorrent
2007-09-08 14:17   0   --a------   C:\WINDOWS\system32\drivers\lvuvc.hs
2007-08-27 23:25   ---------   d--------   C:\Programmer\Logitech
2007-08-26 16:00   ---------   d--------   C:\Programmer\DivX
2007-08-04 18:47   ---------   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
2007-07-30 19:19   92504   --a------   C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 19:19   92504   --a------   C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19   549720   --a------   C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19   549720   --a------   C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 19:19   53080   --a------   C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19   53080   --a------   C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 19:19   43352   --a------   C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19   325976   --a------   C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19   325976   --a------   C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 19:19   203096   --a------   C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19   203096   --a------   C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 19:19   1712984   --a------   C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:19   1712984   --a------   C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 19:18   33624   --a------   C:\WINDOWS\system32\wups.dll
2007-07-30 19:18   33624   --a------   C:\WINDOWS\system32\dllcache\wups.dll
2007-07-30 19:18   207736   --a------   C:\WINDOWS\system32\muweb.dll
2007-07-24 12:49   ---------   d--------   C:\Programmer\CD-Cover Editor
2007-07-20 18:40   ---------   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
2007-07-20 18:35   ---------   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
2007-07-20 00:39   2142488   --a------   C:\WINDOWS\system32\drivers\LVMVdrv.sys
2007-07-20 00:37   2109592   --a------   C:\WINDOWS\system32\drivers\Lvckap.sys
2007-07-19 23:51   85302   --a------   C:\WINDOWS\system32\drivers\LVFeL002.cfg
2007-07-19 23:51   69592   --a------   C:\WINDOWS\system32\drivers\LVFaL000.cfg
2007-07-19 23:51   227172   --a------   C:\WINDOWS\system32\drivers\LVFeL000.cfg
2007-07-19 23:51   146680   --a------   C:\WINDOWS\system32\drivers\LVFeL001.cfg
2007-06-27 19:05   972072   --a------   C:\WINDOWS\UNNeroMediaHome.exe
2007-06-27 15:34   317952   --a------   C:\WINDOWS\system32\dllcache\unregmp2.exe
2007-06-26 16:13   660480   ---------   C:\WINDOWS\system32\dllcache\wininet.dll
2007-06-26 15:57   851968   ---------   C:\WINDOWS\system32\dllcache\vgx.dll
2007-06-26 14:12   972072   --a------   C:\WINDOWS\UNNeroVision.exe
2007-06-26 08:10   1104896   --a------   C:\WINDOWS\system32\msxml3.dll
2007-06-26 08:10   1104896   ---------   C:\WINDOWS\system32\dllcache\msxml3.dll
2007-06-19 15:32   282112   --a------   C:\WINDOWS\system32\gdi32.dll
2007-06-19 15:32   282112   ---------   C:\WINDOWS\system32\dllcache\gdi32.dll
2006-02-19 03:28   12288   --a------   C:\WINDOWS\Fonts\RandFont.dll
   ---------      C:\Programmer\Fælles filer\xing shared
   ---------      C:\Programmer\Fælles filer\Symantec Shared
   ---------      C:\Programmer\Fælles filer\Skype
   ---------      C:\Programmer\Fælles filer\Real
   ---------      C:\Programmer\Fælles filer\LogiShrd
   ---------      C:\Programmer\Fælles filer\Ahead
   ---------      C:\Programmer\Fælles filer
2007-01-03 09:01:14   88   --sh--r   C:\WINDOWS\system32\0D8863C8F7.sys
2007-01-03 09:01:16   2,516   --sha-w   C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot_2007-09-18_221652.71 )))))))))))))))))))))))))))))))))))))))))
.
----a-w 1,034,240 2007-06-13 13:22:35 C:\WINDOWS\explorer.exe
----a-w 14,560 2005-10-12 23:10:45 C:\WINDOWS\$hf_mig$\KB921503\spmsg.dll
----a-w 214,752 2005-10-12 23:10:46 C:\WINDOWS\$hf_mig$\KB921503\spuninst.exe
----a-w 549,888 2007-05-17 11:28:11 C:\WINDOWS\$hf_mig$\KB921503\SP2QFE\oleaut32.dll
----a-w 22,752 2005-10-12 23:10:45 C:\WINDOWS\$hf_mig$\KB921503\update\spcustom.dll
----a-w 721,120 2005-10-12 23:10:48 C:\WINDOWS\$hf_mig$\KB921503\update\update.exe
----a-w 383,200 2005-10-12 23:10:53 C:\WINDOWS\$hf_mig$\KB921503\update\updspapi.dll
----a-w 14,560 2007-03-06 01:10:55 C:\WINDOWS\$hf_mig$\KB933360\spmsg.dll
----a-w 214,752 2007-03-06 01:11:00 C:\WINDOWS\$hf_mig$\KB933360\spuninst.exe
----a-w 60,416 2007-07-18 10:33:06 C:\WINDOWS\$hf_mig$\KB933360\SP2QFE\tzchange.exe
----a-w 22,752 2007-03-06 01:10:53 C:\WINDOWS\$hf_mig$\KB933360\update\spcustom.dll
----a-w 721,120 2007-03-06 01:11:17 C:\WINDOWS\$hf_mig$\KB933360\update\update.exe
----a-w 383,200 2007-03-06 01:12:08 C:\WINDOWS\$hf_mig$\KB933360\update\updspapi.dll
----a-w 14,560 2005-10-12 23:10:45 C:\WINDOWS\$hf_mig$\KB936021\spmsg.dll
----a-w 214,752 2005-10-12 23:10:46 C:\WINDOWS\$hf_mig$\KB936021\spuninst.exe
----a-w 1,104,896 2007-06-26 06:06:57 C:\WINDOWS\$hf_mig$\KB936021\SP2QFE\msxml3.dll
----a-w 22,752 2005-10-12 23:10:45 C:\WINDOWS\$hf_mig$\KB936021\update\spcustom.dll
----a-w 721,120 2005-10-12 23:10:48 C:\WINDOWS\$hf_mig$\KB936021\update\update.exe
----a-w 383,200 2005-10-12 23:10:53 C:\WINDOWS\$hf_mig$\KB936021\update\updspapi.dll
----a-w 14,560 2007-03-06 01:10:55 C:\WINDOWS\$hf_mig$\KB937143\spmsg.dll
----a-w 214,752 2007-03-06 01:11:00 C:\WINDOWS\$hf_mig$\KB937143\spuninst.exe
----a-w 1,022,976 2007-06-15 08:14:12 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\browseui.dll
----a-w 151,552 2007-06-15 08:14:12 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\cdfview.dll
----a-w 1,056,256 2007-06-15 08:14:13 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\danim.dll
----a-w 357,888 2007-06-15 08:14:13 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\dxtmsft.dll
----a-w 205,824 2007-06-15 08:14:13 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\dxtrans.dll
----a-w 55,808 2007-06-15 08:14:13 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\extmgr.dll
----a-w 18,432 2007-06-14 10:32:36 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\iedw.exe
----a-w 251,904 2007-06-15 08:14:13 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\iepeers.dll
----a-w 96,768 2007-06-15 08:14:13 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\inseng.dll
----a-w 16,384 2007-06-15 08:14:13 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\jsproxy.dll
----a-w 3,085,312 2007-06-15 08:14:13 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\mshtml.dll
----a-w 449,024 2007-06-15 08:14:13 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\mshtmled.dll
----a-w 146,432 2007-06-15 08:14:14 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\msrating.dll
----a-w 532,480 2007-06-15 08:14:14 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\mstime.dll
----a-w 39,424 2007-06-15 08:14:14 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\pngfilt.dll
----a-w 1,498,112 2007-06-15 08:14:14 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\shdocvw.dll
----a-w 474,112 2007-06-15 08:14:14 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\shlwapi.dll
----a-w 359,936 2007-06-14 10:56:36 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\spru0406.dll
----a-w 619,008 2007-06-15 08:14:14 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\urlmon.dll
----a-w 667,136 2007-06-26 14:43:04 C:\WINDOWS\$hf_mig$\KB937143\SP2QFE\wininet.dll
----a-w 22,752 2007-03-06 01:10:53 C:\WINDOWS\$hf_mig$\KB937143\update\spcustom.dll
----a-w 721,120 2007-03-06 01:11:17 C:\WINDOWS\$hf_mig$\KB937143\update\update.exe
----a-w 383,200 2007-03-06 01:12:08 C:\WINDOWS\$hf_mig$\KB937143\update\updspapi.dll
----a-w 14,560 2005-10-12 23:10:45 C:\WINDOWS\$hf_mig$\KB938127\spmsg.dll
----a-w 214,752 2005-10-12 23:10:46 C:\WINDOWS\$hf_mig$\KB938127\spuninst.exe
----a-w 851,968 2007-06-26 14:46:13 C:\WINDOWS\$hf_mig$\KB938127\SP2QFE\vgx.dll
----a-w 22,752 2005-10-12 23:10:45 C:\WINDOWS\$hf_mig$\KB938127\update\spcustom.dll
----a-w 721,120 2005-10-12 23:10:48 C:\WINDOWS\$hf_mig$\KB938127\update\update.exe
----a-w 383,200 2005-10-12 23:10:53 C:\WINDOWS\$hf_mig$\KB938127\update\updspapi.dll
----a-w 14,560 2005-10-12 23:10:45 C:\WINDOWS\$hf_mig$\KB938828\spmsg.dll
----a-w 214,752 2005-10-12 23:10:46 C:\WINDOWS\$hf_mig$\KB938828\spuninst.exe
----a-w 1,034,240 2007-06-13 13:10:54 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
----a-w 22,752 2005-10-12 23:10:45 C:\WINDOWS\$hf_mig$\KB938828\update\spcustom.dll
----a-w 721,120 2005-10-12 23:10:48 C:\WINDOWS\$hf_mig$\KB938828\update\update.exe
----a-w 383,200 2005-10-12 23:10:53 C:\WINDOWS\$hf_mig$\KB938828\update\updspapi.dll
----a-w 14,560 2006-01-19 19:29:12 C:\WINDOWS\$hf_mig$\KB938829\spmsg.dll
----a-w 214,752 2006-01-19 19:29:12 C:\WINDOWS\$hf_mig$\KB938829\spuninst.exe
----a-w 282,112 2007-06-19 13:41:31 C:\WINDOWS\$hf_mig$\KB938829\SP2QFE\gdi32.dll
----a-w 22,752 2006-01-19 19:29:12 C:\WINDOWS\$hf_mig$\KB938829\update\spcustom.dll
----a-w 721,120 2006-01-19 19:29:12 C:\WINDOWS\$hf_mig$\KB938829\update\update.exe
----a-w 383,200 2006-01-19 19:29:13 C:\WINDOWS\$hf_mig$\KB938829\update\updspapi.dll
-c----w 553,472 2004-08-27 12:00:00 C:\WINDOWS\$NtUninstallKB921503$\oleaut32.dll
-c----w 214,752 2005-10-12 23:10:46 C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe
-c----w 383,200 2005-10-12 23:10:53 C:\WINDOWS\$NtUninstallKB921503$\spuninst\updspapi.dll
-c----w 60,416 2007-01-29 08:58:06 C:\WINDOWS\$NtUninstallKB933360$\tzchange.exe
-c----w 214,752 2007-03-06 01:11:00 C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe
-c----w 383,200 2007-03-06 01:12:08 C:\WINDOWS\$NtUninstallKB933360$\spuninst\updspapi.dll
-c----w 1,084,416 2006-09-13 05:06:40 C:\WINDOWS\$NtUninstallKB936021$\msxml3.dll
-c----w 214,752 2005-10-12 23:10:46 C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe
-c----w 383,200 2005-10-12 23:10:53 C:\WINDOWS\$NtUninstallKB936021$\spuninst\updspapi.dll
-c----w 10,834,432 2006-10-18 20:47:20 C:\WINDOWS\$NtUninstallKB936782_WMP11$\wmp.dll
-c----w 214,752 2005-06-28 08:23:28 C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe
-c----w 371,424 2005-06-28 08:23:54 C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\updspapi.dll
-c----w 1,023,488 2007-04-18 12:32:56 C:\WINDOWS\$NtUninstallKB937143$\browseui.dll
-c----w 151,552 2007-04-18 12:32:56 C:\WINDOWS\$NtUninstallKB937143$\cdfview.dll
-c----w 1,056,256 2007-04-18 12:32:56 C:\WINDOWS\$NtUninstallKB937143$\danim.dll
-c----w 357,888 2007-04-18 12:32:56 C:\WINDOWS\$NtUninstallKB937143$\dxtmsft.dll
-c----w 205,312 2007-04-18 12:32:56 C:\WINDOWS\$NtUninstallKB937143$\dxtrans.dll
-c----w 55,808 2007-04-18 12:32:56 C:\WINDOWS\$NtUninstallKB937143$\extmgr.dll
-c----w 18,432 2007-04-18 10:22:13 C:\WINDOWS\$NtUninstallKB937143$\iedw.exe
-c----w 251,392 2007-04-18 12:32:56 C:\WINDOWS\$NtUninstallKB937143$\iepeers.dll
-c----w 96,768 2007-04-18 12:32:56 C:\WINDOWS\$NtUninstallKB937143$\inseng.dll
-c----w 16,384 2007-04-18 12:32:56 C:\WINDOWS\$NtUninstallKB937143$\jsproxy.dll
-c----w 3,079,680 2007-05-04 12:36:30 C:\WINDOWS\$NtUninstallKB937143$\mshtml.dll
-c----w 449,024 2007-04-18 12:32:57 C:\WINDOWS\$NtUninstallKB937143$\mshtmled.dll
-c----w 146,432 2007-04-18 12:32:57 C:\WINDOWS\$NtUninstallKB937143$\msrating.dll
-c----w 532,480 2007-04-18 12:32:57 C:\WINDOWS\$NtUninstallKB937143$\mstime.dll
-c----w 39,424 2007-04-18 12:32:57 C:\WINDOWS\$NtUninstallKB937143$\pngfilt.dll
-c----w 1,494,528 2007-04-18 12:32:58 C:\WINDOWS\$NtUninstallKB937143$\shdocvw.dll
-c----w 474,112 2007-04-18 12:32:58 C:\WINDOWS\$NtUninstallKB937143$\shlwapi.dll
-c----w 617,472 2007-04-18 12:32:58 C:\WINDOWS\$NtUninstallKB937143$\urlmon.dll
-c----w 660,480 2007-04-18 12:32:58 C:\WINDOWS\$NtUninstallKB937143$\wininet.dll
-c----w 118,272 2007-04-18 10:27:32 C:\WINDOWS\$NtUninstallKB937143$\xpsp3res.dll
-c----w 214,752 2007-03-06 01:11:00 C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe
-c----w 383,200 2007-03-06 01:12:08 C:\WINDOWS\$NtUninstallKB937143$\spuninst\updspapi.dll
-c----w 852,480 2006-12-19 18:09:39 C:\WINDOWS\$NtUninstallKB938127$\vgx.dll
-c----w 214,752 2005-10-12 23:10:46 C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe
-c----w 383,200 2005-10-12 23:10:53 C:\WINDOWS\$NtUninstallKB938127$\spuninst\updspapi.dll
-c----w 1,033,216 2004-08-27 12:00:00 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
-c----w 214,752 2005-10-12 23:10:46 C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe
-c----w 383,200 2005-10-12 23:10:53 C:\WINDOWS\$NtUninstallKB938828$\spuninst\updspapi.dll
-c----w 281,600 2007-03-08 15:38:16 C:\WINDOWS\$NtUninstallKB938829$\gdi32.dll
-c----w 214,752 2006-01-19 19:29:12 C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe
-c----w 383,200 2006-01-19 19:29:13 C:\WINDOWS\$NtUninstallKB938829$\spuninst\updspapi.dll
-c----w 316,416 2006-11-15 09:29:24 C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe
-c----w 214,752 2005-06-28 08:23:28 C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe
-c----w 371,424 2005-06-28 08:23:54 C:\WINDOWS\$NtUninstallKB939683$\spuninst\updspapi.dll
----a-w 163,328 2007-09-17 13:25:00 C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
----a-w 6,234,112 2007-09-18 20:25:33 C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
----a-w 167,936 2007-09-18 20:25:33 C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
----a-w 163,328 2007-09-17 13:25:00 C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
----a-w 6,234,112 2007-09-18 20:25:31 C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
----a-w 167,936 2007-09-18 20:25:31 C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
----a-w 317,952 2007-06-27 13:34:24 C:\WINDOWS\inf\unregmp2.exe
----a-r 27,136 2007-09-18 21:33:34 C:\WINDOWS\Installer\{74EC78BC-B379-4E29-9006-8F161DCAABA6}\AppleSoftwareUpdateIco.exe
----a-r 65,536 2007-09-18 20:57:38 C:\WINDOWS\Installer\{A654A805-41D9-40C7-AA46-4AF04F044D61}\ARPPRODUCTICON.exe
----a-r 65,536 2007-09-18 20:57:39 C:\WINDOWS\Installer\{A654A805-41D9-40C7-AA46-4AF04F044D61}\NewShortcut2_4BDFD2CE632942E498019B3D1F10D79B.exe
----a-r 65,536 2007-09-18 20:57:39 C:\WINDOWS\Installer\{A654A805-41D9-40C7-AA46-4AF04F044D61}\NewShortcut3_4BDFD2CE632942E498019B3D1F10D79B.exe
----a-r 295,606 2007-09-18 21:03:13 C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A81000000003}\SC_Reader.exe
----a-r 32,768 2007-09-18 21:04:44 C:\WINDOWS\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe
----a-w 150,346 2007-09-15 17:34:23 C:\WINDOWS\pchealth\helpctr\Config\Cache\Personal_32_1030.dat
----a-w 14,560 2007-03-06 01:10:55 C:\WINDOWS\SoftwareDistribution\Download\1c2b146e9060643ebf81b08d9ad13e44\spmsg.dll
----a-w 214,752 2007-03-06 01:11:00 C:\WINDOWS\SoftwareDistribution\Download\1c2b146e9060643ebf81b08d9ad13e44\spuninst.exe
----a-w 60,416 2007-07-18 12:42:22 C:\WINDOWS\SoftwareDistribution\Download\1c2b146e9060643ebf81b08d9ad13e44\sp2gdr\tzchange.exe
----a-w 60,416 2007-07-18 10:33:06 C:\WINDOWS\SoftwareDistribution\Download\1c2b146e9060643ebf81b08d9ad13e44\sp2qfe\tzchange.exe
----a-w 22,752 2007-03-06 01:10:53 C:\WINDOWS\SoftwareDistribution\Download\1c2b146e9060643ebf81b08d9ad13e44\update\spcustom.dll
----a-w 721,120 2007-03-06 01:11:17 C:\WINDOWS\SoftwareDistribution\Download\1c2b146e9060643ebf81b08d9ad13e44\update\update.exe
----a-w 383,200 2007-03-06 01:12:08 C:\WINDOWS\SoftwareDistribution\Download\1c2b146e9060643ebf81b08d9ad13e44\update\updspapi.dll
----a-w 13,536 2005-06-28 08:20:24 C:\WINDOWS\SoftwareDistribution\Download\1c8eba29eecae19a0f375f19b47eeb3e\spmsg.dll
----a-w 214,752 2005-06-28 08:23:28 C:\WINDOWS\SoftwareDistribution\Download\1c8eba29eecae19a0f375f19b47eeb3e\spuninst.exe
----a-w 22,752 2005-06-28 08:21:34 C:\WINDOWS\SoftwareDistribution\Download\1c8eba29eecae19a0f375f19b47eeb3e\spupdsvc.exe
----a-w 10,834,944 2007-06-11 21:51:12 C:\WINDOWS\SoftwareDistribution\Download\1c8eba29eecae19a0f375f19b47eeb3e\wmp.dll
----a-w 721,120 2005-06-28 08:24:56 C:\WINDOWS\SoftwareDistribution\Download\1c8eba29eecae19a0f375f19b47eeb3e\update\update.exe
----a-w 371,424 2005-06-28 08:23:54 C:\WINDOWS\SoftwareDistribution\Download\1c8eba29eecae19a0f375f19b47eeb3e\update\updspapi.dll
----a-w 14,560 2005-10-12 23:10:45 C:\WINDOWS\SoftwareDistribution\Download\31007daf22b50f691603431b31bce81c\spmsg.dll
----a-w 214,752 2005-10-12 23:10:46 C:\WINDOWS\SoftwareDistribution\Download\31007daf22b50f691603431b31bce81c\spuninst.exe
----a-w 1,104,896 2007-06-26 06:10:32 C:\WINDOWS\SoftwareDistribution\Download\31007daf22b50f691603431b31bce81c\sp2gdr\msxml3.dll
----a-w 1,104,896 2007-06-26 06:06:57 C:\WINDOWS\SoftwareDistribution\Download\31007daf22b50f691603431b31bce81c\sp2qfe\msxml3.dll
----a-w 22,752 2005-10-12 23:10:45 C:\WINDOWS\SoftwareDistribution\Download\31007daf22b50f691603431b31bce81c\update\spcustom.dll
----a-w 721,120 2005-10-12 23:10:48 C:\WINDOWS\SoftwareDistribution\Download\31007daf22b50f691603431b31bce81c\update\update.exe
----a-w 383,200 2005-10-12 23:10:53 C:\WINDOWS\SoftwareDistribution\Download\31007daf22b50f691603431b31bce81c\update\updspapi.dll
----a-w 14,560 2007-03-06 01:10:55 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\spmsg.dll
----a-w 214,752 2007-03-06 01:11:00 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\spuninst.exe
----a-w 1,023,488 2007-06-14 18:11:16 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\browseui.dll
----a-w 151,552 2007-06-14 18:11:16 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\cdfview.dll
----a-w 1,056,256 2007-06-14 18:11:16 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\danim.dll
----a-w 357,888 2007-06-14 18:11:16 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\dxtmsft.dll
----a-w 205,312 2007-06-14 18:11:16 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\dxtrans.dll
----a-w 55,808 2007-06-14 18:11:16 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\extmgr.dll
----a-w 18,432 2007-06-14 14:07:24 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\iedw.exe
----a-w 251,392 2007-06-14 18:11:16 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\iepeers.dll
----a-w 96,768 2007-06-14 18:11:16 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\inseng.dll
----a-w 16,384 2007-06-14 18:11:16 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\jsproxy.dll
----a-w 3,079,680 2007-06-14 18:11:18 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\mshtml.dll
----a-w 449,024 2007-06-14 18:11:17 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\mshtmled.dll
----a-w 146,432 2007-06-14 18:11:17 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\msrating.dll
----a-w 532,480 2007-06-14 18:11:17 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\mstime.dll
----a-w 39,424 2007-06-14 18:11:17 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\pngfilt.dll
----a-w 1,494,528 2007-06-14 18:11:17 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\shdocvw.dll
----a-w 474,112 2007-06-14 18:11:17 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\shlwapi.dll
----a-w 118,272 2007-06-14 14:24:30 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\spru0406.dll
----a-w 617,472 2007-06-14 18:11:17 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\urlmon.dll
----a-w 660,480 2007-06-26 14:13:00 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2gdr\wininet.dll
----a-w 1,022,976 2007-06-15 08:14:12 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\browseui.dll
----a-w 151,552 2007-06-15 08:14:12 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\cdfview.dll
----a-w 1,056,256 2007-06-15 08:14:13 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\danim.dll
----a-w 357,888 2007-06-15 08:14:13 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\dxtmsft.dll
----a-w 205,824 2007-06-15 08:14:13 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\dxtrans.dll
----a-w 55,808 2007-06-15 08:14:13 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\extmgr.dll
----a-w 18,432 2007-06-14 10:32:36 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\iedw.exe
----a-w 251,904 2007-06-15 08:14:13 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\iepeers.dll
----a-w 96,768 2007-06-15 08:14:13 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\inseng.dll
----a-w 16,384 2007-06-15 08:14:13 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\jsproxy.dll
----a-w 3,085,312 2007-06-15 08:14:13 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\mshtml.dll
----a-w 449,024 2007-06-15 08:14:13 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\mshtmled.dll
----a-w 146,432 2007-06-15 08:14:14 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\msrating.dll
----a-w 532,480 2007-06-15 08:14:14 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\mstime.dll
----a-w 39,424 2007-06-15 08:14:14 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\pngfilt.dll
----a-w 1,498,112 2007-06-15 08:14:14 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\shdocvw.dll
----a-w 474,112 2007-06-15 08:14:14 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\shlwapi.dll
----a-w 359,936 2007-06-14 10:56:36 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\spru0406.dll
----a-w 619,008 2007-06-15 08:14:14 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\urlmon.dll
----a-w 667,136 2007-06-26 14:43:04 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\sp2qfe\wininet.dll
----a-w 22,752 2007-03-06 01:10:53 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\update\spcustom.dll
----a-w 721,120 2007-03-06 01:11:17 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\update\update.exe
----a-w 383,200 2007-03-06 01:12:08 C:\WINDOWS\SoftwareDistribution\Download\69066e2b03b99942f2fd78abbeed27a6\update\updspapi.dll
----a-w 14,560 2005-10-12 23:10:45 C:\WINDOWS\SoftwareDistribution\Download\71273146b5d15fb6349058d25cc328cf\spmsg.dll
----a-w 214,752 2005-10-12 23:10:46 C:\WINDOWS\SoftwareDistribution\Download\71273146b5d15fb6349058d25cc328cf\spuninst.exe
----a-w 549,376 2007-05-17 11:29:55 C:\WINDOWS\SoftwareDistribution\Download\71273146b5d15fb6349058d25cc328cf\sp2gdr\oleaut32.dll
----a-w 549,888 2007-05-17 11:28:11 C:\WINDOWS\SoftwareDistribution\Download\71273146b5d15fb6349058d25cc328cf\sp2qfe\oleaut32.dll
----a-w 22,752 2005-10-12 23:10:45 C:\WINDOWS\SoftwareDistribution\Download\71273146b5d15fb6349058d25cc328cf\update\spcustom.dll
----a-w 721,120 2005-10-12 23:10:48 C:\WINDOWS\SoftwareDistribution\Download\71273146b5d15fb6349058d25cc328cf\update\update.exe
----a-w 383,200 2005-10-12 23:10:53 C:\WINDOWS\SoftwareDistribution\Download\71273146b5d15fb6349058d25cc328cf\update\updspapi.dll
----a-w 14,560 2005-10-12 23:10:45 C:\WINDOWS\SoftwareDistribution\Download\7c18cb8751bfa74a20a8207a7524f4af\spmsg.dll
----a-w 214,752 2005-10-12 23:10:46 C:\WINDOWS\SoftwareDistribution\Download\7c18cb8751bfa74a20a8207a7524f4af\spuninst.exe
----a-w 851,968 2007-06-26 13:57:26 C:\WINDOWS\SoftwareDistribution\Download\7c18cb8751bfa74a20a8207a7524f4af\sp2gdr\vgx.dll
----a-w 851,968 2007-06-26 14:46:13 C:\WINDOWS\SoftwareDistribution\Download\7c18cb8751bfa74a20a8207a7524f4af\sp2qfe\vgx.dll
----a-w 22,752 2005-10-12 23:10:45 C:\WINDOWS\SoftwareDistribution\Download\7c18cb8751bfa74a20a8207a7524f4af\update\spcustom.dll
----a-w 721,120 2005-10-12 23:10:48 C:\WINDOWS\SoftwareDistribution\Download\7c18cb8751bfa74a20a8207a7524f4af\update\update.exe
----a-w 383,200 2005-10-12 23:10:53 C:\WINDOWS\SoftwareDistribution\Download\7c18cb8751bfa74a20a8207a7524f4af\update\updspapi.dll
----a-w 14,560 2005-10-12 23:10:45 C:\WINDOWS\SoftwareDistribution\Download\bc384bd7999ff950ebc04633c020e882\spmsg.dll
----a-w 214,752 2005-10-12 23:10:46 C:\WINDOWS\SoftwareDistribution\Download\bc384bd7999ff950ebc04633c020e882\spuninst.exe
----a-w 1,034,240 2007-06-13 13:22:35 C:\WINDOWS\SoftwareDistribution\Download\bc384bd7999ff950ebc04633c020e882\sp2gdr\explorer.exe
----a-w 1,034,240 2007-06-13 13:10:54 C:\WINDOWS\SoftwareDistribution\Download\bc384bd7999ff950ebc04633c020e882\sp2qfe\explorer.exe
----a-w 22,752 2005-10-12 23:10:45 C:\WINDOWS\SoftwareDistribution\Download\bc384bd7999ff950ebc04633c020e882\update\spcustom.dll
----a-w 721,120 2005-10-12 23:10:48 C:\WINDOWS\SoftwareDistribution\Download\bc384bd7999ff950ebc04633c020e882\update\update.exe
----a-w 383,200 2005-10-12 23:10:53 C:\WINDOWS\SoftwareDistribution\Download\bc384bd7999ff950ebc04633c020e882\update\updspapi.dll
----a-w 13,536 2005-06-28 08:20:24 C:\WINDOWS\SoftwareDistribution\Download\c4eb9a8926321daf714548ee10d7c103\spmsg.dll
----a-w 214,752 2005-06-28 08:23:28 C:\WINDOWS\SoftwareDistribution\Download\c4eb9a8926321daf714548ee10d7c103\spuninst.exe
----a-w 317,952 2007-06-27 13:34:24 C:\WINDOWS\SoftwareDistribution\Download\c4eb9a8926321daf714548ee10d7c103\unregmp2.exe
----a-w 721,120 2005-06-28 08:24:56 C:\WINDOWS\SoftwareDistribution\Download\c4eb9a8926321daf714548ee10d7c103\update\update.exe
----a-w 371,424 2005-06-28 08:23:54 C:\WINDOWS\SoftwareDistribution\Download\c4eb9a8926321daf714548ee10d7c103\update\updspapi.dll
----a-w 1,485,696 2007-04-24 09:32:06 C:\WINDOWS\SoftwareDistribution\Download\d219c5aa727ee8fc0f9eb775006e580a\legitcheckcontrol.dll
----a-w 14,640 2006-11-17 14:14:30 C:\WINDOWS\SoftwareDistribution\Download\d219c5aa727ee8fc0f9eb775006e580a\spmsg.dll
----a-w 742,192 2006-11-17 14:14:30 C:\WINDOWS\SoftwareDistribution\Download\d219c5aa727ee8fc0f9eb775006e580a\update\update.exe
----a-w 379,184 2006-11-17 14:14:30 C:\WINDOWS\SoftwareDistribution\Download\d219c5aa727ee8fc0f9eb775006e580a\update\updspapi.dll
----a-w 70,528 2007-04-24 09:30:24 C:\WINDOWS\SoftwareDistribution\Download\d219c5aa727ee8fc0f9eb775006e580a\update\wgacustom.dll
----a-w 14,560 2006-01-19 19:29:12 C:\WINDOWS\SoftwareDistribution\Download\ecdd8537cefadf98e572acc3194ae958\spmsg.dll
----a-w 214,752 2006-01-19 19:29:12 C:\WINDOWS\SoftwareDistribution\Download\ecdd8537cefadf98e572acc3194ae958\spuninst.exe
----a-w 282,112 2007-06-19 13:32:41 C:\WINDOWS\SoftwareDistribution\Download\ecdd8537cefadf98e572acc3194ae958\sp2gdr\gdi32.dll
----a-w 282,112 2007-06-19 13:41:31 C:\WINDOWS\SoftwareDistribution\Download\ecdd8537cefadf98e572acc3194ae958\sp2qfe\gdi32.dll
----a-w 22,752 2006-01-19 19:29:12 C:\WINDOWS\SoftwareDistribution\Download\ecdd8537cefadf98e572acc3194ae958\update\spcustom.dll
----a-w 721,120 2006-01-19 19:29:12 C:\WINDOWS\SoftwareDistribution\Download\ecdd8537cefadf98e572acc3194ae958\update\update.exe
----a-w 383,200 2006-01-19 19:29:13 C:\WINDOWS\SoftwareDistribution\Download\ecdd8537cefadf98e572acc3194ae958\update\updspapi.dll
----a-w 1,023,488 2007-06-14 18:11:16 C:\WINDOWS\system32\browseui.dll
----a-w 151,552 2007-06-14 18:11:16 C:\WINDOWS\system32\cdfview.dll
----a-w 1,056,256 2007-06-14 18:11:16 C:\WINDOWS\system32\danim.dll
----a-w 357,888 2007-06-14 18:11:16 C:\WINDOWS\system32\dxtmsft.dll
----a-w 205,312 2007-06-14 18:11:16 C:\WINDOWS\system32\dxtrans.dll
----a-w 55,808 2007-06-14 18:11:16 C:\WINDOWS\system32\extmgr.dll
----a-w 208,896 2007-09-18 21:17:35 C:\WINDOWS\system32\FNTCACHE.DAT
----a-w 251,392 2007-06-14 18:11:16 C:\WINDOWS\system32\iepeers.dll
----a-w 96,768 2007-06-14 18:11:16 C:\WINDOWS\system32\inseng.dll
----a-w 135,168 2007-07-11 23:22:00 C:\WINDOWS\system32\java.exe
----a-w 135,168 2007-07-11 23:22:04 C:\WINDOWS\system32\javaw.exe
----a-w 139,264 2007-07-12 00:22:38 C:\WINDOWS\system32\javaws.exe
----a-w 16,384 2007-06-14 18:11:16 C:\WINDOWS\system32\jsproxy.dll
----a-w 1,485,696 2007-04-24 09:32:06 C:\WINDOWS\system32\LegitCheckControl.dll
----a-w 17,474,680 2007-09-05 17:50:44 C:\WINDOWS\system32\MRT.exe
----a-w 3,079,680 2007-06-14 18:11:18 C:\WINDOWS\system32\mshtml.dll
----a-w 449,024 2007-06-14 18:11:17 C:\WINDOWS\system32\mshtmled.dll
----a-w 146,432 2007-06-14 18:11:17 C:\WINDOWS\system32\msrating.dll
----a-w 532,480 2007-06-14 18:11:17 C:\WINDOWS\system32\mstime.dll
----a-w 1,275,392 2007-05-08 13:03:04 C:\WINDOWS\system32\msxml4.dll
----a-w 549,376 2007-05-17 11:29:55 C:\WINDOWS\system32\oleaut32.dll
----a-w 6,656 2007-09-18 21:41:48 C:\WINDOWS\system32\pndx5016.dll
----a-w 5,632 2007-09-18 21:41:48 C:\WINDOWS\system32\pndx5032.dll
----a-w 39,424 2007-06-14 18:11:17 C:\WINDOWS\system32\pngfilt.dll
----a-w 185,688 2007-09-18 21:42:03 C:\WINDOWS\system32\rmoc3260.dll
----a-w 1,494,528 2007-06-14 18:11:17 C:\WINDOWS\system32\shdocvw.dll
----a-w 474,112 2007-06-14 18:11:17 C:\WINDOWS\system32\shlwapi.dll
------w 14,640 2006-11-17 14:14:30 C:\WINDOWS\system32\spmsg.dll
------w 60,416 2007-07-18 12:42:22 C:\WINDOWS\system32\tzchange.exe
----a-w 617,472 2007-06-14 18:11:17 C:\WINDOWS\system32\urlmon.dll
----a-w 660,480 2007-06-26 14:13:00 C:\WINDOWS\system32\wininet.dll
----a-w 10,834,944 2007-06-11 21:51:12 C:\WINDOWS\system32\wmp.dll
----a-w 118,272 2007-06-14 14:24:30 C:\WINDOWS\system32\xpsp3res.dll
------w 1,023,488 2007-06-14 18:11:16 C:\WINDOWS\system32\dllcache\browseui.dll
------w 151,552 2007-06-14 18:11:16 C:\WINDOWS\system32\dllcache\cdfview.dll
------w 1,056,256 2007-06-14 18:11:16 C:\WINDOWS\system32\dllcache\danim.dll
------w 357,888 2007-06-14 18:11:16 C:\WINDOWS\system32\dllcache\dxtmsft.dll
------w 205,312 2007-06-14 18:11:16 C:\WINDOWS\system32\dllcache\dxtrans.dll
------w 1,034,240 2007-06-13 13:22:35 C:\WINDOWS\system32\dllcache\explorer.exe
------w 55,808 2007-06-14 18:11:16 C:\WINDOWS\system32\dllcache\extmgr.dll
------w 18,432 2007-06-14 14:07:24 C:\WINDOWS\system32\dllcache\iedw.exe
------w 251,392 2007-06-14 18:11:16 C:\WINDOWS\system32\dllcache\iepeers.dll
------w 96,768 2007-06-14 18:11:16 C:\WINDOWS\system32\dllcache\inseng.dll
------w 16,384 2007-06-14 18:11:16 C:\WINDOWS\system32\dllcache\jsproxy.dll
------w 3,079,680 2007-06-14 18:11:18 C:\WINDOWS\system32\dllcache\mshtml.dll
------w 449,024 2007-06-14 18:11:17 C:\WINDOWS\system32\dllcache\mshtmled.dll
------w 146,432 2007-06-14 18:11:17 C:\WINDOWS\system32\dllcache\msrating.dll
------w 532,480 2007-06-14 18:11:17 C:\WINDOWS\system32\dllcache\mstime.dll
------w 549,376 2007-05-17 11:29:55 C:\WINDOWS\system32\dllcache\oleaut32.dll
------w 39,424 2007-06-14 18:11:17 C:\WINDOWS\system32\dllcache\pngfilt.dll
------w 1,494,528 2007-06-14 18:11:17 C:\WINDOWS\system32\dllcache\shdocvw.dll
------w 474,112 2007-06-14 18:11:17 C:\WINDOWS\system32\dllcache\shlwapi.dll
------w 617,472 2007-06-14 18:11:17 C:\WINDOWS\system32\dllcache\urlmon.dll
----a-w 10,834,944 2007-06-11 21:51:12 C:\WINDOWS\system32\dllcache\wmp.dll
----a-r 190,696 2007-06-11 20:04:36 C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe
----a-w 48,749 2007-09-18 21:44:55 C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
----a-w 1,275,392 2007-05-08 13:06:44 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
.
----a-w 1,033,216 2004-08-27 12:00:00 C:\WINDOWS\explorer.exe
----a-w 316,416 2006-11-15 09:29:24 C:\WINDOWS\inf\unregmp2.exe
----a-w 1,023,488 2007-04-18 12:32:56 C:\WINDOWS\system32\browseui.dll
----a-w 151,552 2007-04-18 12:32:56 C:\WINDOWS\system32\cdfview.dll
----a-w 1,056,256 2007-04-18 12:32:56 C:\WINDOWS\system32\danim.dll
----a-w 357,888 2007-04-18 12:32:56 C:\WINDOWS\system32\dxtmsft.dll
----a-w 205,312 2007-04-18 12:32:56 C:\WINDOWS\system32\dxtrans.dll
----a-w 55,808 2007-04-18 12:32:56 C:\WINDOWS\system32\extmgr.dll
----a-w 204,920 2007-05-31 05:07:10 C:\WINDOWS\system32\FNTCACHE.DAT
----a-w 251,392 2007-04-18 12:32:56 C:\WINDOWS\system32\iepeers.dll
----a-w 96,768 2007-04-18 12:32:56 C:\WINDOWS\system32\inseng.dll
----a-w 135,168 2007-03-13 22:31:24 C:\WINDOWS\system32\java.exe
----a-w 135,168 2007-03-13 22:31:28 C:\WINDOWS\system32\javaw.exe
----a-w 139,264 2007-03-14 00:04:46 C:\WINDOWS\system32\javaws.exe
----a-w 16,384 2007-04-18 12:32:56 C:\WINDOWS\system32\jsproxy.dll
----a-w 1,476,992 2007-03-15 16:19:28 C:\WINDOWS\system32\LegitCheckControl.dll
----a-w 16,256,984 2007-06-28 07:57:27 C:\WINDOWS\system32\MRT.exe
----a-w 3,079,680 2007-05-04 12:36:30 C:\WINDOWS\system32\mshtml.dll
----a-w 449,024 2007-04-18 12:32:57 C:\WINDOWS\system32\mshtmled.dll
----a-w 146,432 2007-04-18 12:32:57 C:\WINDOWS\system32\msrating.dll
----a-w 532,480 2007-04-18 12:32:57 C:\WINDOWS\system32\mstime.dll
----a-w 1,245,696 2006-11-04 13:14:00 C:\WINDOWS\system32\msxml4.dll
----a-w 553,472 2004-08-27 12:00:00 C:\WINDOWS\system32\oleaut32.dll
----a-w 6,656 2005-10-17 13:51:13 C:\WINDOWS\system32\pndx5016.dll
----a-w 5,632 2005-10-17 13:51:13 C:\WINDOWS\system32\pndx5032.dll
----a-w 39,424 2007-04-18 12:32:57 C:\WINDOWS\system32\pngfilt.dll
----a-w 176,167 2005-10-17 13:51:17 C:\WINDOWS\system32\rmoc3260.dll
----a-w 1,494,528 2007-04-18 12:32:58 C:\WINDOWS\system32\shdocvw.dll
----a-w 474,112 2007-04-18 12:32:58 C:\WINDOWS\system32\shlwapi.dll
------w 15,152 2006-12-10 12:10:02 C:\WINDOWS\system32\spmsg.dll
------w 60,416 2007-01-29 08:58:06 C:\WINDOWS\system32\tzchange.exe
----a-w 617,472 2007-04-18 12:32:58 C:\WINDOWS\system32\urlmon.dll
----a-w 660,480 2007-04-18 12:32:58 C:\WINDOWS\system32\wininet.dll
----a-w 10,834,432 2006-10-18 20:47:20 C:\WINDOWS\system32\wmp.dll
----a-w 118,272 2007-04-18 10:27:32 C:\WINDOWS\system32\xpsp3res.dll
------w 1,023,488 2007-04-18 12:32:56 C:\WINDOWS\system32\dllcache\browseui.dll
------w 151,552 2007-04-18 12:32:56 C:\WINDOWS\system32\dllcache\cdfview.dll
------w 1,056,256 2007-04-18 12:32:56 C:\WINDOWS\system32\dllcache\danim.dll
------w 357,888 2007-04-18 12:32:56 C:\WINDOWS\system32\dllcache\dxtmsft.dll
------w 205,312 2007-04-18 12:32:56 C:\WINDOWS\system32\dllcache\dxtrans.dll
------w 55,808 2007-04-18 12:32:56 C:\WINDOWS\system32\dllcache\extmgr.dll
------w 18,432 2007-04-18 10:22:13 C:\WINDOWS\system32\dllcache\iedw.exe
------w 251,392 2007-04-18 12:32:56 C:\WINDOWS\system32\dllcache\iepeers.dll
------w 96,768 2007-04-18 12:32:56 C:\WINDOWS\system32\dllcache\inseng.dll
------w 16,384 2007-04-18 12:32:56 C:\WINDOWS\system32\dllcache\jsproxy.dll
------w 3,079,680 2007-05-04 12:36:30 C:\WINDOWS\system32\dllcache\mshtml.dll
------w 449,024 2007-04-18 12:32:57 C:\WINDOWS\system32\dllcache\mshtmled.dll
------w 146,432 2007-04-18 12:32:57 C:\WINDOWS\system32\dllcache\msrating.dll
------w 532,480 2007-04-18 12:32:57 C:\WINDOWS\system32\dllcache\mstime.dll
------w 39,424 2007-04-18 12:32:57 C:\WINDOWS\system32\dllcache\pngfilt.dll
------w 1,494,528 2007-04-18 12:32:58 C:\WINDOWS\system32\dllcache\shdocvw.dll
------w 474,112 2007-04-18 12:32:58 C:\WINDOWS\system32\dllcache\shlwapi.dll
------w 617,472 2007-04-18 12:32:58 C:\WINDOWS\system32\dllcache\urlmon.dll
----a-w 10,834,432 2006-10-18 20:47:20 C:\WINDOWS\system32\dllcache\wmp.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-27 14:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-27 14:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-27 14:00]
"VTTimer"="VTTimer.exe" [2005-03-08 03:33 C:\WINDOWS\system32\VTTimer.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-01-20 20:04 C:\WINDOWS\SOUNDMAN.EXE]
"ccApp"="C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe" []
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-01-28 11:10]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 11:31]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2006-11-30 18:56]
"HP Software Update"="C:\Programmer\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41]
"NeroFilterCheck"="C:\Programmer\Fælles filer\Ahead\Lib\NeroCheck.exe" []
"LogitechCommunicationsManager"="C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe" []
"LogitechQuickCamRibbon"="C:\Programmer\Logitech\QuickCam\Quickcam.exe" [2007-07-25 16:06]
"Adobe Photo Downloader"="C:\Programmer\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09]
"Adobe Reader Speed Launcher"="C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"QuickTime Task"="C:\Programmer\QuickTime\QTTask.exe" [2007-06-29 06:24]
"TkBellExe"="C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Programmer\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Spyware Doctor"="C:\Programmer\Spyware Doctor\swdoctor.exe" /Q

C:\DOCUME~1\ALLUSE~1\MENUEN~1\PROGRA~1\Start\
HP Digital Imaging Monitor.lnk - C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]
HP Photosmart Premier Hurtig start.lnk - C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe [2006-02-10 07:56:20]
Microsoft Office.lnk - C:\Programmer\Microsoft Office\Office\OSA9.EXE [1999-02-17 15:05:56]

R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys
R0 viaagp;VIA AGP-busfilter;C:\WINDOWS\system32\DRIVERS\viaagp.sys
R0 viaagp1;VIA AGP Filter;C:\WINDOWS\system32\DRIVERS\viaagp1.sys
S2 Automatisk LiveUpdate-planlægning;Automatisk LiveUpdate-planlægning;"C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
S3 DrmCDriverV32;DrmCDriverV32;C:\WINDOWS\system32\drivers\DrmCDriverV32.sys
S3 DrmCVideo32;DrmCVideo32;C:\WINDOWS\system32\DRIVERS\DrmCVideo32.sys
S3 Via4in1;Via4in1;\??\C:\DOCUME~1\Ejer\Via4in1.sys

.
Contents of the 'Scheduled Tasks' folder
"2007-09-18 21:33:33 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmer\Apple Software Update\SoftwareUpdate.exe
"2007-09-19 17:30:00 C:\WINDOWS\Tasks\Konfigurer min PC.job"
- C:\Apps\SMP\PCSETUP.EXE
.
**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-19 20:46:23
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\C:\WINDOWS\TEMP\mc21.tmp"
.
Completion time: 2007-09-19 20:47:13
C:\ComboFix-quarantined-files.txt ... 2007-09-19 20:46
C:\ComboFix2.txt ... 2007-09-18 22:17
.
   --- E O F ---

---

Det ser fint ud. Har det hjulpet ?

---

ja
og kan godt se det med links der viser en sær adresse............

dem skal jeg aldrig!!!!!!!! i nærheden af længere

---

Tak for hjælpen

---

Godt det virkede . For god ordens skyld, så kør lige punkt 5 og 6 her http://www.malwarecheck.dk/forum/viewtopic.php?t=11

Eftersom du ikke er logget ind i systemet, kan du ikke skrive et indlæg til dette spørgsmål.

Hvis du ikke allerede er registreret, kan du gratis blive medlem, ved at trykke på "Bliv medlem" ude i menuen.