CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg
Cookie ikon
Avatar billede drbest Nybegynder
07. januar 2007 - 20:59 Der er 29 kommentarer og
1 løsning

Windows Firewall deaktiveres

Hej
Kan nogen hjælpe mig med et problem;.)
Windows firewall bliver fra tid til anden deaktiveret/(slået fra). Nogle gange opdager jeg det tilfældigt, andre gange giver min norton antivirus besked om, at firewall´en er deaktiveret.
Hvor kan fejlen ligge ?
Tak for hjælpen...
Avatar billede old-faithful Praktikant
07. januar 2007 - 21:14 #1
Ikke et direkte svar, men jeg anbefaler at du skifter til en "rigtig" firewall. Windows' indbyggede er ikke den bedste.

Der findes heldigvis gratis firewalls. Brug evt. én af flg. (Comodo skulle være rigtig god, men der er flere gode i blandt):
  • Comodo Firewall  (http://www.personalfirewall.comodo.com/)
  • Kerio Personal Firewall 2.15  (http://www.321download.com/LastFreeware/page7.html)
  • ZoneAlarm  (http://www.zonelabs.com/)
  • Sygate Personal Firewall  (http://www.oldversion.com/program.php?n=sygate)
  • Goldtach; gratis tidsubegrænset demo (http://www.goldtach.com)
  • Jetico Personal Firewall (http://www.jetico.com/jpfirewall.htm)
Avatar billede ejvindh Ekspert
07. januar 2007 - 22:13 #2
Det kan også skyldes at computeren er inficeret. Prøv derfor dette:

Hent Oldtimer's WinPFind3 herfra:
http://download.bleepingcomputer.com/oldtimer/winpfind3u.exe

Dobbeltklik på WinPFind3u, som du hentede, og klik på Extract. Så udpakkes programmet i en særskilt mappe. Gå ind i denne mappe, og dobbeltklik på WinPFind3U.exe. Sæt så flueben og prikker på følgende måde:

Processes: Non-Microsoft
Win32 Services: Non-Microsoft
Driver Services: Non-Microsoft
Registry:  Non-Microsoft
Files Created Within: 30 Days, Non-Microsoft Only
Files Modified Within: 30 Days, Non-Microsoft Only
File String Search: Non-Microsoft

Klik herefter på "Run Scan". Efter noget tid vil der dukke en logfil op, som du gerne må paste herind. Muligvis vil loggen være så lang, at den ikke kan være i en enkelt post. Så må du lægge den ind i flere bider.
Avatar billede drbest Nybegynder
23. januar 2007 - 22:02 #3
HER KOMMER DEN SÅ - OMSIDER :-) GIVER NOGET AF DETTE MENING/ÅRSAG TIL PROBLEMERNE?

WinPFind3 logfile created on: 23-01-2007 19:46:17
WinPFind3U by OldTimer - Version 1.0.11    Folder = C:\Documents and Settings\Ejer\Skrivebord\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)

515572 Kb Total Physical Memory | 199164 Kb Available Physical Memory | 38,63% Memory free
866540 Kb Paging File | 564864 Kb Available in Paging File | 65,19% Paging File free
Paging file location(s): C:\pagefile.sys 372 744;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmer
Drive C: | 78140128 Kb Total Space | 57439604 Kb Free Space | 73,51% Space Free
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded


[Processes - Non-Microsoft Only]
aluschedulersvc.exe -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> Symantec Corporation [Ver = 3.0.0.171 | Size = 100032 bytes | Modified Date = 03-08-2006 16:46:30 | Attr =    ]
ccapp.exe -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 103.0.7.2 | Size = 59040 bytes | Modified Date = 08-03-2006 14:58:00 | Attr =    ]
ccevtmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 103.0.7.2 | Size = 198304 bytes | Modified Date = 08-03-2006 14:58:00 | Attr =    ]
ccproxy.exe -> %CommonProgramFiles%\Symantec Shared\CCPROXY.EXE -> Symantec Corporation [Ver = 103.0.8.2 | Size = 235168 bytes | Modified Date = 10-07-2006 13:44:14 | Attr =    ]
ccsetmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 103.0.7.2 | Size = 181920 bytes | Modified Date = 08-03-2006 14:58:04 | Attr =    ]
cvpnd.exe -> %ProgramFiles%\Cisco Systems\VPN Client\cvpnd.exe -> Cisco Systems, Inc. [Ver = 3.6.3 (B) | Size = 1290302 bytes | Modified Date = 31-01-2003 08:44:24 | Attr =    ]
hkcmd.exe -> %System32%\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4342 | Size = 126976 bytes | Modified Date = 21-06-2005 15:44:34 | Attr =    ]
hpqimzone.exe -> %ProgramFiles%\HP\Digital Imaging\bin\hpqimzone.exe -> Hewlett-Packard Co. [Ver = 053.000.013.000 | Size = 479232 bytes | Modified Date = 11-05-2005 23:33:52 | Attr =    ]
hpqste08.exe -> %ProgramFiles%\HP\Digital Imaging\bin\hpqste08.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 204800 bytes | Modified Date = 11-05-2005 23:40:38 | Attr =    ]
hpqtra08.exe -> %ProgramFiles%\HP\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 282624 bytes | Modified Date = 11-05-2005 22:23:26 | Attr =    ]
hprblog.exe -> %ProgramFiles%\HP\Digital Imaging\Product Assistant\bin\hprblog.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 77824 bytes | Modified Date = 11-05-2005 22:16:22 | Attr =    ]
hpwuschd2.exe -> %ProgramFiles%\HP\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 49152 bytes | Modified Date = 11-05-2005 22:12:54 | Attr =    ]
igfxtray.exe -> %System32%\igfxtray.exe -> Intel Corporation [Ver = 3.0.0.4342 | Size = 155648 bytes | Modified Date = 21-06-2005 15:48:18 | Attr =    ]
incdsrv.exe -> %ProgramFiles%\Ahead\InCD\InCDsrv.exe -> Nero AG [Ver = 4, 3, 12, 0 | Size = 856064 bytes | Modified Date = 27-01-2005 18:16:58 | Attr =    ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 30-10-2006 09:36:32 | Attr =    ]
issvc.exe -> %ProgramFiles%\Norton Internet Security\ISSVC.exe -> Symantec Corporation [Ver = 8.0.5.14 | Size = 83584 bytes | Modified Date = 18-04-2005 18:49:24 | Attr =    ]
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 30-10-2006 09:36:36 | Attr =    ]
jusched.exe -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 09-11-2006 15:07:30 | Attr =    ]
navapsvc.exe -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 11.0.16.2 | Size = 177288 bytes | Modified Date = 29-11-2005 12:34:00 | Attr =    ]
pdvdserv.exe -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe -> Cyberlink Corp. [Ver = 5.00.0000 | Size = 32768 bytes | Modified Date = 31-10-2003 19:42:40 | Attr =    ]
qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 25-10-2006 18:58:18 | Attr =    ]
slserv.exe -> %System32%\slserv.exe ->  [Ver = 2.80.00(24Apr2000) | Size = 45056 bytes | Modified Date = 29-11-2001 15:10:28 | Attr =    ]
sndsrvc.exe -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 5.5.1.6 | Size = 206552 bytes | Modified Date = 05-04-2005 10:17:22 | Attr =    ]
soundman.exe -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.10 | Size = 57344 bytes | Modified Date = 15-08-2003 15:34:50 | Attr =    ]
spbbcsvc.exe -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 1,0,1,47 | Size = 173160 bytes | Modified Date = 21-07-2004 15:24:04 | Attr =    ]
symlcsvc.exe -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.8.54.841 | Size = 826512 bytes | Modified Date = 11-10-2005 14:52:06 | Attr =    ]
ustorsrv.exe -> %System32%\UStorSrv.exe -> OTi [Ver = 2, 0, 0, 4 | Size = 139264 bytes | Modified Date = 17-02-2006 12:19:56 | Attr =    ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.11.0 | Size = 306176 bytes | Modified Date = 18-01-2007 18:01:14 | Attr =    ]
wintab32.exe -> %System32%\wintab32.exe ->  [Ver =  | Size = 114688 bytes | Modified Date = 29-01-2002 01:05:00 | Attr =    ]
wtfunc.exe -> %System32%\wtfunc.exe -> ACE CAD Enterprise Co., Ltd. [Ver = 2, 0, 0, 0 | Size = 20480 bytes | Modified Date = 22-01-2002 10:30:08 | Attr =    ]

[Win32 Services - Non-Microsoft Only]
(Automatisk LiveUpdate-planlægning) Automatisk LiveUpdate-planlægning [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> Symantec Corporation [Ver = 3.0.0.171 | Size = 100032 bytes | Modified Date = 03-08-2006 16:46:30 | Attr =    ]
(ccEvtMgr) Symantec Event Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 103.0.7.2 | Size = 198304 bytes | Modified Date = 08-03-2006 14:58:00 | Attr =    ]
(ccProxy) Symantec Network Proxy [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPROXY.EXE -> Symantec Corporation [Ver = 103.0.8.2 | Size = 235168 bytes | Modified Date = 10-07-2006 13:44:14 | Attr =    ]
(ccPwdSvc) Symantec Password Validation [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\CCPWDSVC.EXE -> Symantec Corporation [Ver = 103.0.7.2 | Size = 79520 bytes | Modified Date = 08-03-2006 14:58:04 | Attr =    ]
(ccSetMgr) Symantec Settings Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 103.0.7.2 | Size = 181920 bytes | Modified Date = 08-03-2006 14:58:04 | Attr =    ]
(CVPND) Cisco Systems, Inc. VPN Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Cisco Systems\VPN Client\cvpnd.exe -> Cisco Systems, Inc. [Ver = 3.6.3 (B) | Size = 1290302 bytes | Modified Date = 31-01-2003 08:44:24 | Attr =    ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 26-08-2004 16:53:50 | Attr =    ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 04-04-2005 00:41:10 | Attr =    ]
(InCDsrv) InCD Helper [Win32_Own | Auto | Running] -> %ProgramFiles%\Ahead\InCD\InCDsrv.exe -> Nero AG [Ver = 4, 3, 12, 0 | Size = 856064 bytes | Modified Date = 27-01-2005 18:16:58 | Attr =    ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 30-10-2006 09:36:32 | Attr =    ]
(ISSVC) ISSVC [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton Internet Security\ISSVC.exe -> Symantec Corporation [Ver = 8.0.5.14 | Size = 83584 bytes | Modified Date = 18-04-2005 18:49:24 | Attr =    ]
(LiveUpdate) LiveUpdate [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_0.EXE -> Symantec Corporation [Ver = 3.0.0.171 | Size = 2119360 bytes | Modified Date = 03-08-2006 16:46:30 | Attr =    ]
(navapsvc) Norton AntiVirus Auto-Protect-tjeneste [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 11.0.16.2 | Size = 177288 bytes | Modified Date = 29-11-2005 12:34:00 | Attr =    ]
(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | Auto | Stopped] -> %System32%\HPZipm12.exe -> HP [Ver = 9, 0, 0, 0 | Size = 69632 bytes | Modified Date = 29-09-2004 12:14:36 | Attr =    ]
(SAVScan) SAVScan [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\SAVSCAN.EXE -> Symantec Corporation [Ver = 9.4.2.1 | Size = 198368 bytes | Modified Date = 07-03-2005 13:59:36 | Attr =    ]
(SBService) ScriptBlocking Service [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Symantec Shared\Script Blocking\SBSERV.EXE -> Symantec Corporation [Ver = 11.0.16.2 | Size = 67184 bytes | Modified Date = 19-10-2005 19:55:00 | Attr =    ]
(SLService) SmartLinkService [Win32_Own | Auto | Running] -> %System32%\slserv.exe ->  [Ver = 2.80.00(24Apr2000) | Size = 45056 bytes | Modified Date = 29-11-2001 15:10:28 | Attr =    ]
(SNDSrvc) Symantec Network Drivers Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 5.5.1.6 | Size = 206552 bytes | Modified Date = 05-04-2005 10:17:22 | Attr =    ]
(SPBBCSvc) Symantec SPBBCSvc [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 1,0,1,47 | Size = 173160 bytes | Modified Date = 21-07-2004 15:24:04 | Attr =    ]
(Symantec Core LC) Symantec Core LC [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.8.54.841 | Size = 826512 bytes | Modified Date = 11-10-2005 14:52:06 | Attr =    ]
(UStorage Server Service) UStorage Server Service [Win32_Own | Auto | Running] -> %System32%\UStorSrv.exe -> OTi [Ver = 2, 0, 0, 4 | Size = 139264 bytes | Modified Date = 17-02-2006 12:19:56 | Attr =    ]
(Wintab32) Wintab32 [Win32_Own | Auto | Running] -> %System32%\wintab32.exe ->  [Ver =  | Size = 114688 bytes | Modified Date = 29-01-2002 01:05:00 | Attr =    ]
(WmcCds) WMC (Windows Media Connect) [Win32_Own | Unknown | Stopped] ->  -> File not found

[Driver Services - Non-Microsoft Only]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] ->  -> File not found
(abp480n5) abp480n5 [Kernel | Disabled | Stopped] ->  -> File not found
(AdfuUd) ADFU USB Device [Kernel | On_Demand | Stopped] -> System32\Drivers\AdfuUd.sys -> File not found
(adpu160m) adpu160m [Kernel | Disabled | Stopped] ->  -> File not found
(Aha154x) Aha154x [Kernel | Disabled | Stopped] ->  -> File not found
(aic78u2) aic78u2 [Kernel | Disabled | Stopped] ->  -> File not found
(aic78xx) aic78xx [Kernel | Disabled | Stopped] ->  -> File not found
(ALCXSENS) Service for WDM 3D Audio Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ALCXSENS.SYS -> Sensaura Ltd [Ver = 5.10.00.3508 | Size = 404736 bytes | Modified Date = 14-08-2003 23:16:38 | Attr =    ]
(ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> %System32%\drivers\ALCXWDM.SYS -> Realtek Semiconductor Corp. [Ver = 5.10.5320 | Size = 462940 bytes | Modified Date = 21-08-2003 16:31:52 | Attr =    ]
(AliIde) AliIde [Kernel | Disabled | Stopped] ->  -> File not found
(amsint) amsint [Kernel | Disabled | Stopped] ->  -> File not found
(asc) asc [Kernel | Disabled | Stopped] ->  -> File not found
(asc3350p) asc3350p [Kernel | Disabled | Stopped] ->  -> File not found
(asc3550) asc3550 [Kernel | Disabled | Stopped] ->  -> File not found
(Atdisk) Atdisk [Kernel | Disabled | Stopped] ->  -> File not found
(cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] ->  -> File not found
(Changer) Changer [Kernel | System | Stopped] ->  -> File not found
(CmdIde) CmdIde [Kernel | Disabled | Stopped] ->  -> File not found
(Cpqarray) Cpqarray [Kernel | Disabled | Stopped] ->  -> File not found
(CVPNDRV) Cisco Systems IPsec Driver [Kernel | Auto | Running] -> %System32%\drivers\CVPNDrv.sys -> Cisco Systems, Inc. [Ver = 3.6.3 (B) | Size = 263749 bytes | Modified Date = 31-01-2003 08:46:10 | Attr =    ]
(dac960nt) dac960nt [Kernel | Disabled | Stopped] ->  -> File not found
(db6c4880-5365-4c07-b8ff-428632debf01) db6c4880-5365-4c07-b8ff-428632debf01 [Kernel | On_Demand | Stopped] -> D:\Player\cds300.dll -> File not found
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %System32%\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 800000 bytes | Modified Date = 26-08-2004 16:49:40 | Attr =    ]
(dmio) dmio [Kernel | Disabled | Stopped] -> %System32%\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153600 bytes | Modified Date = 26-08-2004 16:49:40 | Attr =    ]
(dmload) dmload [Kernel | Disabled | Stopped] -> %System32%\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 25-04-2003 13:00:00 | Attr =    ]
(DNE) Deterministic Network Enhancer Miniport [Kernel | On_Demand | Running] -> %System32%\drivers\dne2000.sys -> Deterministic Networks, Inc. [Ver = 2.11.7.4 | Size = 128380 bytes | Modified Date = 09-01-2002 15:10:30 | Attr =    ]
(dpti2o) dpti2o [Kernel | Disabled | Stopped] ->  -> File not found
(GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Running] -> %System32%\drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 19-09-2006 15:44:04 | Attr =    ]
(hpn) hpn [Kernel | Disabled | Stopped] ->  -> File not found
(HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped] -> %System32%\drivers\HPZid412.sys -> HP [Ver = 9, 0, 0, 0 | Size = 51120 bytes | Modified Date = 08-03-2005 05:52:26 | Attr = R  ]
(HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped] -> %System32%\drivers\HPZipr12.sys -> HP [Ver = 9, 0, 0, 0 | Size = 16496 bytes | Modified Date = 08-03-2005 05:52:28 | Attr = R  ]
(HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped] -> %System32%\drivers\HPZius12.sys -> HP [Ver = 9, 0, 0, 0 | Size = 21744 bytes | Modified Date = 08-03-2005 05:52:28 | Attr = R  ]
(i2omgmt) i2omgmt [Kernel | System | Stopped] ->  -> File not found
(i2omp) i2omp [Kernel | Disabled | Stopped] ->  -> File not found
(ialm) ialm [Kernel | On_Demand | Running] -> %System32%\drivers\ialmnt5.sys -> Intel Corporation [Ver = 6.14.10.4342 | Size = 807998 bytes | Modified Date = 21-06-2005 17:12:34 | Attr =    ]
(InCDfs) InCD File System [File_System | Disabled | Running] -> %System32%\drivers\InCDfs.sys -> Nero AG [Ver = 4, 3, 12, 0 | Size = 99200 bytes | Modified Date = 27-01-2005 18:08:02 | Attr =    ]
(InCDPass) InCDPass [Kernel | System | Running] -> %System32%\drivers\InCDpass.sys -> Nero AG [Ver = 4, 3, 12, 0 | Size = 28928 bytes | Modified Date = 27-01-2005 18:07:34 | Attr =    ]
(incdrm) InCD Reader [Kernel | System | Running] -> %System32%\drivers\InCDrm.sys -> Nero AG [Ver = 4, 3, 12, 0 | Size = 27776 bytes | Modified Date = 27-01-2005 18:07:28 | Attr =    ]
(ini910u) ini910u [Kernel | Disabled | Stopped] ->  -> File not found
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] ->  -> File not found
(MarvinBus) Pinnacle Marvin Bus [Kernel | On_Demand | Running] -> %System32%\drivers\MarvinBus.sys -> Pinnacle Systems GmbH [Ver = 2.0.1.007 | Size = 78976 bytes | Modified Date = 21-06-2004 15:03:22 | Attr =    ]
(mraid35x) mraid35x [Kernel | Disabled | Stopped] ->  -> File not found
(MTK) Media Technology Kernel Driver [File_System | On_Demand | Stopped] -> %System32%\drivers\MTK.SYS -> Media Technology Corporation [Ver = 1.00.0000.0001 | Size = 14495 bytes | Modified Date = 06-01-2003 10:11:02 | Attr =    ]
(Mtlmnt5) Mtlmnt5 [Kernel | On_Demand | Stopped] -> %System32%\drivers\mtlmnt5.sys ->  [Ver = 1.53 | Size = 172708 bytes | Modified Date = 29-11-2001 15:10:14 | Attr =    ]
(Mtlstrm) Mtlstrm [Kernel | On_Demand | Stopped] -> %System32%\drivers\mtlstrm.sys ->  [Ver = 0.98 | Size = 2383460 bytes | Modified Date = 29-11-2001 15:10:18 | Attr =    ]
(NAVENG) NAVENG [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVENG.SYS -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 80472 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
(NAVEX15) NAVEX15 [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVEX15.SYS -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 852280 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
(NtMtlFax) NtMtlFax [Kernel | On_Demand | Stopped] -> %System32%\drivers\ntmtlfax.sys ->  [Ver = 2.86.08 | Size = 607732 bytes | Modified Date = 29-11-2001 15:10:20 | Attr =    ]
(PCIDump) PCIDump [Kernel | System | Stopped] ->  -> File not found
(PCLEPCI) PCLEPCI [Kernel | System | Running] -> %System32%\drivers\Pclepci.sys -> Pinnacle Systems GmbH [Ver = 1.06 | Size = 14165 bytes | Modified Date = 19-03-2002 10:29:16 | Attr =    ]
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] ->  -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] ->  -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] ->  -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] ->  -> File not found
(perc2) perc2 [Kernel | Disabled | Stopped] ->  -> File not found
(perc2hib) perc2hib [Kernel | Disabled | Stopped] ->  -> File not found
(Ptilink) Driver til direkte, parallel forbindelse [Kernel | On_Demand | Running] -> %System32%\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 25-04-2003 13:00:00 | Attr =    ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %System32%\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 2.03.27a | Size = 20576 bytes | Modified Date = 26-01-2005 01:03:00 | Attr =    ]
(ql1080) ql1080 [Kernel | Disabled | Stopped] ->  -> File not found
(Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] ->  -> File not found
(ql12160) ql12160 [Kernel | Disabled | Stopped] ->  -> File not found
(ql1240) ql1240 [Kernel | Disabled | Stopped] ->  -> File not found
(ql1280) ql1280 [Kernel | Disabled | Stopped] ->  -> File not found
(rtl8139) NT-driver til Realtek RTL8139(A/B/C) PCI Fast Ethernet-netværkskort [Kernel | On_Demand | Running] -> %System32%\drivers\rtl8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Modified Date = 03-08-2004 21:31:34 | Attr =    ]
(SAVRT) SAVRT [Kernel | On_Demand | Running] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\SAVRT.SYS -> Symantec Corporation [Ver = 9.4.2.1 | Size = 338056 bytes | Modified Date = 07-03-2005 13:59:44 | Attr =    ]
(SAVRTPEL) SAVRTPEL [Kernel | System | Running] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS -> Symantec Corporation [Ver = 9.4.2.1 | Size = 50312 bytes | Modified Date = 07-03-2005 13:59:50 | Attr =    ]
(sdcplh) sdcplh [Kernel | System | Running] -> %System32%\drivers\sdcplh.sys -> Macrovision Europe Ltd [Ver = 1, 13, 0, 11 | Size = 55168 bytes | Modified Date = 19-10-2005 16:39:58 | Attr =    ]
(Secdrv) Secdrv [Kernel | Auto | Running] -> %System32%\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.00.060 | Size = 163644 bytes | Modified Date = 18-11-2006 12:57:44 | Attr =    ]
(Simbad) Simbad [Kernel | Disabled | Stopped] ->  -> File not found
(Slntamr) NetoDragon AMR_PCI Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\slntamr.sys ->  [Ver = Jan 29 2002  12:28:21 | Size = 220432 bytes | Modified Date = 29-01-2002 11:28:28 | Attr = R  ]
(SlNtHal) SlNtHal [Kernel | On_Demand | Stopped] -> %System32%\drivers\slnthal.sys ->  [Ver = 2.86.08 | Size = 175160 bytes | Modified Date = 29-11-2001 15:10:26 | Attr =    ]
(SlWdmSup) SlWdmSup [Kernel | On_Demand | Stopped] -> %System32%\drivers\slwdmsup.sys -> Vireo Software [Ver = 1.00 | Size = 33028 bytes | Modified Date = 29-11-2001 15:10:28 | Attr = R  ]
(SONYPVU1) Sony USB-filterdriver (SONYPVU1) [Kernel | On_Demand | Stopped] -> %System32%\drivers\SONYPVU1.SYS -> Sony Corporation [Ver = 1.3.0526.0 (XPClient.010817-1148) | Size = 7552 bytes | Modified Date = 17-08-2001 20:56:16 | Attr =    ]
(Sparrow) Sparrow [Kernel | Disabled | Stopped] ->  -> File not found
(SPBBCDrv) SPBBCDrv [Kernel | System | Running] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCDrv.sys -> Symantec Corporation [Ver = 1,0,1,47 | Size = 341096 bytes | Modified Date = 21-07-2004 15:24:02 | Attr =    ]
(symc810) symc810 [Kernel | Disabled | Stopped] ->  -> File not found
(symc8xx) symc8xx [Kernel | Disabled | Stopped] ->  -> File not found
(SYMDNS) SYMDNS [Kernel | On_Demand | Running] -> %System32%\drivers\symdns.sys -> Symantec Corporation [Ver = 5.5.1.6 | Size = 11512 bytes | Modified Date = 05-04-2005 10:16:52 | Attr =    ]
(SymEvent) SymEvent [Kernel | On_Demand | Running] -> %ProgramFiles%\Symantec\SYMEVENT.SYS -> Symantec Corporation [Ver = 11.6.8.1 | Size = 124016 bytes | Modified Date = 15-09-2006 21:52:12 | Attr =    ]
(SYMFW) SYMFW [Kernel | On_Demand | Running] -> %System32%\drivers\symfw.sys -> Symantec Corporation [Ver = 5.5.1.6 | Size = 173208 bytes | Modified Date = 05-04-2005 10:16:54 | Attr =    ]
(SYMIDS) SYMIDS [Kernel | On_Demand | Running] -> %System32%\drivers\symids.sys -> Symantec Corporation [Ver = 5.5.1.6 | Size = 36984 bytes | Modified Date = 05-04-2005 10:16:58 | Attr =    ]
(SYMIDSCO) SYMIDSCO [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\SymIDSCo.sys -> Symantec Corporation [Ver = 7.2.1.1 | Size = 185976 bytes | Modified Date = 16-01-2007 12:01:06 | Attr =    ]
(symlcbrd) symlcbrd [Kernel | Auto | Running] -> %System32%\drivers\symlcbrd.sys -> Symantec Corporation [Ver = 1.8.54.834 | Size = 10344 bytes | Modified Date = 11-10-2005 14:52:06 | Attr =    ]
(SYMNDIS) SYMNDIS [Kernel | On_Demand | Running] -> %System32%\drivers\symndis.sys -> Symantec Corporation [Ver = 5.5.1.6 | Size = 47192 bytes | Modified Date = 05-04-2005 10:16:56 | Attr =    ]
(SYMREDRV) SYMREDRV [Kernel | On_Demand | Running] -> %System32%\drivers\symredrv.sys -> Symantec Corporation [Ver = 5.5.1.6 | Size = 17976 bytes | Modified Date = 05-04-2005 10:17:00 | Attr =    ]
(SYMTDI) SYMTDI [Kernel | System | Running] -> %System32%\drivers\symtdi.sys -> Symantec Corporation [Ver = 5.5.1.6 | Size = 267192 bytes | Modified Date = 05-04-2005 10:17:02 | Attr =    ]
(sym_hi) sym_hi [Kernel | Disabled | Stopped] ->  -> File not found
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] ->  -> File not found
(TosIde) TosIde [Kernel | Disabled | Stopped] ->  -> File not found
(TVICHW32) TVICHW32 [Kernel | On_Demand | Stopped] -> %System32%\drivers\TVICHW32.SYS -> EnTech Taiwan [Ver = 6.0 | Size = 23600 bytes | Modified Date = 09-10-2005 01:05:16 | Attr =    ]
(ultra) ultra [Kernel | Disabled | Stopped] ->  -> File not found
(V90drv) V90drv [Kernel | On_Demand | Stopped] -> %System32%\drivers\v90drv.sys ->  [Ver = 2.79.03 | Size = 1432836 bytes | Modified Date = 29-11-2001 15:10:32 | Attr =    ]
(ViaIde) ViaIde [Kernel | Disabled | Stopped] ->  -> File not found
(vsdatant) vsdatant [Kernel | On_Demand | Running] -> %System32%\vsdatant.sys -> Zone Labs Inc. [Ver = 3.1.399 | Size = 145800 bytes | Modified Date = 16-10-2002 13:40:26 | Attr =    ]
(W2acehid) Acecad HID [Kernel | On_Demand | Stopped] -> %System32%\drivers\w2acehid.sys -> LCS/Telegraphics [Ver = 1.00.02.00 | Size = 24064 bytes | Modified Date = 29-01-2002 01:05:00 | Attr =    ]
(WDICA) WDICA [Kernel | On_Demand | Stopped] ->  -> File not found
(Wtcls2k) Wtcls2k [Kernel | On_Demand | Stopped] -> %System32%\drivers\wtcls2k.sys -> LCS/Telegraphics [Ver = 1.00.00.07 | Size = 12800 bytes | Modified Date = 29-01-2002 01:05:00 | Attr =    ]
({6080A529-897E-4629-A488-ABA0C29B635E}) Intel(R) Graphics Platform (SoftBIOS) Driver [Kernel | System | Stopped] -> %System32%\drivers\ialmsbw.sys -> Intel Corporation [Ver = 6.13.01.3205 | Size = 91390 bytes | Modified Date = 31-07-2002 09:13:02 | Attr =    ]
({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) Intel(R) Graphics Chipset (KCH) Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\ialmkchw.sys -> Intel Corporation [Ver = 6.13.01.3205 | Size = 71258 bytes | Modified Date = 31-07-2002 09:13:12 | Attr =    ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ccApp -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 103.0.7.2 | Size = 59040 bytes | Modified Date = 08-03-2006 14:58:00 | Attr =    ]
HotKeysCmds -> %System32%\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4342 | Size = 126976 bytes | Modified Date = 21-06-2005 15:44:34 | Attr =    ]
HP Software Update -> %ProgramFiles%\HP\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 49152 bytes | Modified Date = 11-05-2005 22:12:54 | Attr =    ]
IgfxTray -> %System32%\igfxtray.exe -> Intel Corporation [Ver = 3.0.0.4342 | Size = 155648 bytes | Modified Date = 21-06-2005 15:48:18 | Attr =    ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 256576 bytes | Modified Date = 30-10-2006 09:36:36 | Attr =    ]
NeroFilterCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 09-07-2001 10:50:42 | Attr =    ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 25-10-2006 18:58:18 | Attr =    ]
RemoteControl -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe -> Cyberlink Corp. [Ver = 5.00.0000 | Size = 32768 bytes | Modified Date = 31-10-2003 19:42:40 | Attr =    ]
SoundMan -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.10 | Size = 57344 bytes | Modified Date = 15-08-2003 15:34:50 | Attr =    ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 09-11-2006 15:07:30 | Attr =    ]
Symantec NetDriver Monitor -> %ProgramFiles%\SymNetDrv\SNDMon.exe -> Symantec Corporation [Ver = 5.5.1.6 | Size = 100056 bytes | Modified Date = 11-10-2005 15:02:44 | Attr =    ]
Wintab Functions -> %System32%\wtfunc.exe -> ACE CAD Enterprise Co., Ltd. [Ver = 2, 0, 0, 0 | Size = 20480 bytes | Modified Date = 22-01-2002 10:30:08 | Attr =    ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
updateMgr -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe -> Adobe Systems Incorporated [Ver = 3.1.0.10 | Size = 313472 bytes | Modified Date = 30-03-2006 15:45:08 | Attr =    ]
< Common Startup > -> C:\Documents and Settings\All Users\Menuen Start\Programmer\Start
%AllUsersStartup%\Adobe Reader Hurtigstart.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 23-09-2005 22:05:26 | Attr =    ]
%AllUsersStartup%\Cisco Systems VPN Client.lnk -> %ProgramFiles%\Cisco Systems\VPN Client\ipsecdialer.exe -> Cisco Systems, Inc. [Ver = 3.6.3 (B) | Size = 1282122 bytes | Modified Date = 31-01-2003 08:39:40 | Attr =    ]
%AllUsersStartup%\Firebird Server.lnk -> %ProgramFiles%\aFirebird\Bin\fbguard.exe -> File not found
%AllUsersStartup%\HP Digital Imaging Monitor.lnk -> %ProgramFiles%\HP\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 282624 bytes | Modified Date = 11-05-2005 22:23:26 | Attr =    ]
%AllUsersStartup%\HP Image Zone Hurtig start.lnk -> %ProgramFiles%\HP\Digital Imaging\bin\hpqthb08.exe -> Hewlett-Packard Co. [Ver = 053.000.013.000 | Size = 73728 bytes | Modified Date = 11-05-2005 23:49:24 | Attr =    ]
< Disabled MSConfig Registry Items [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\
InCD -> %ProgramFiles%\Ahead\InCD\InCD.exe -> Nero AG [Ver = 4, 3, 12, 0 | Size = 1381376 bytes | Modified Date = 27-01-2005 18:17:32 | Attr =    ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 25-10-2006 18:58:18 | Attr =    ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL ->  -> File not found
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
-> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = Min aktuelle startside ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKCU: Start Page -> http://www.google.dk/ ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] ->  ->
< Trusted Sites > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
www_dtfnet.dk [https] ->  ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.7.2006011200 | Size = 63128 bytes | Modified Date = 12-01-2006 20:38:22 | Attr =    ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 09-11-2006 15:21:52 | Attr =    ]
{9ECB9560-04F9-4bbc-943D-298DDF1699E1} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [CNisExtBho Class] -> Symantec Corporation [Ver = 8.0.5.14 | Size = 104048 bytes | Modified Date = 20-06-2005 13:19:04 | Attr =    ]
{BDF3E430-B101-42AD-A544-FADC6B084872} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [CNavExtBho Class] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218760 bytes | Modified Date = 29-11-2005 12:34:02 | Attr =    ]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [Norton Internet Security] -> Symantec Corporation [Ver = 8.0.5.14 | Size = 104048 bytes | Modified Date = 20-06-2005 13:19:04 | Attr =    ]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218760 bytes | Modified Date = 29-11-2005 12:34:02 | Attr =    ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218760 bytes | Modified Date = 29-11-2005 12:34:02 | Attr =    ]
WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [Norton Internet Security] -> Symantec Corporation [Ver = 8.0.5.14 | Size = 104048 bytes | Modified Date = 20-06-2005 13:19:04 | Attr =    ]
WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218760 bytes | Modified Date = 29-11-2005 12:34:02 | Attr =    ]
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{02011FE3-C22B-451d-9A25-BF4DBB38B8E7} -> 8197 - Reg Data - Value does not exist ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8199 - Sun Java Console ->
{0AD5A451-967F-46BD-9F5E-39247D7FC77F} -> 8198 - Reg Data - Key not found ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8194 - Reg Data - Value does not exist ->
{CE000992-A58C-4441-8938-744CD72AB27F} -> 8195 - Reg Data - Key not found ->
{CE000996-A58C-4441-8938-744CD72AB27F} -> 8196 - Reg Data - Key not found ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8193 - Windows Messenger ->
NextId -> 8200 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{02011FE3-C22B-451d-9A25-BF4DBB38B8E7} -> Reg Data - Value does not exist [ButtonText: FirstClass®] -> File not found
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\npjpi150_10.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 75528 bytes | Modified Date = 09-11-2006 15:21:54 | Attr =    ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 09-11-2006 15:21:52 | Attr =    ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Opslag] -> File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> Reg Data - Value does not exist [ButtonText: Messenger] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
E&ksporter til Microsoft Excel ->  -> File not found
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Proceslinje og menuen Start] -> File not found
{2A947D7C-8B9F-457d-95B6-5D76CC1B7804} [HKLM] -> %SystemRoot%\Downloaded Program Files\fcplugin.dll [FC &Explorer Bar] ->  [Ver =  | Size = 7232842 bytes | Modified Date = 02-05-2005 10:13:48 | Attr =    ]
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Media Band] -> File not found
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> Reg Data - Key not found [Kontrolpanel-udvidelse til skærmpanorering] -> File not found
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Grænsefladeudvidelser til filkomprimering] -> File not found
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [Brugerkonti] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Kontekstmenu til kryptering] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [HyperTerminal-ikon] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 25-04-2003 13:00:00 | Attr =    ]
{950FF917-7A57-46BC-8017-59D9BF474000} [HKLM] -> %ProgramFiles%\Ahead\InCD\incdshx.dll [Shell Extension for CDRW] -> Nero AG [Ver = 4, 3, 12, 0 | Size = 103424 bytes | Modified Date = 27-01-2005 18:18:04 | Attr =    ]
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} [HKLM] -> %ProgramFiles%\iTunes\iTunesMiniPlayer.dll [iTunes] -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 132672 bytes | Modified Date = 30-10-2006 09:36:36 | Attr =    ]
{CE000992-A58C-4441-8938-744CD72AB27F} [HKLM] -> Reg Data - Key not found [i-Nav IDN Resolver] -> File not found
{CE000994-A58C-4441-8938-744CD72AB27F} [HKLM] -> Reg Data - Key not found [i-Nav IDN SearchHook] -> File not found
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Symantec.Norton.Antivirus.IEContextMenu] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218760 bytes | Modified Date = 29-11-2005 12:34:02 | Attr =    ]
< ContextMenuHandlers - Directory\Background [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\
{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} [HKLM] -> %System32%\igfxpph.dll [igfxcui] -> Intel Corporation [Ver = 3.0.0.4342 | Size = 225280 bytes | Modified Date = 21-06-2005 16:47:56 | Attr =    ]
{950FF917-7A57-46BC-8017-59D9BF474000} [HKLM] -> %ProgramFiles%\Ahead\InCD\incdshx.dll [InCDMenu] -> Nero AG [Ver = 4, 3, 12, 0 | Size = 103424 bytes | Modified Date = 27-01-2005 18:18:04 | Attr =    ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Symantec.Norton.Antivirus.IEContextMenu] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218760 bytes | Modified Date = 29-11-2005 12:34:02 | Attr =    ]
< ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 | Size = 110592 bytes | Modified Date = 14-12-2004 02:20:02 | Attr =    ]
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{269D2DD1-D63E-47A1-88E9-7367747F9FBC} ->    () ->
{5EA69F36-79D1-4CBF-9B4E-078DB909BBF7} ->    (Realtek RTL8139 Family PCI Fast Ethernet NIC) ->
{BA088BDD-FB96-45D9-B636-15E5A50B1AA7} ->    (1394-netværkskort) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
fcp -> %SystemRoot%\Downloaded Program Files\fcplugin.dll ->  [Ver =  | Size = 7232842 bytes | Modified Date = 02-05-2005 10:13:48 | Attr =    ]
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} -> Office Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=67633 ->
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab ->
{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=39204 ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1138445231625 ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{9C196458-4145-46AF-8A77-1506878DFECA} -> FirstClass® Control - CodeBase = ftp://ftp.sektornet.dk/sektornet/skolekom/fcplugin.cab ->
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_09 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab ->
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> Shockwave Flash Object - CodeBase = http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab ->
{D8575CE3-3432-4540-88A9-85A1325D3375} -> e-Safekey - CodeBase = https://netpension.danicapension.dk/html/activex/e-Safekey/DB/e-Safekey.cab ->
{E8F628B5-259A-4734-97EE-BA914D7BE941} -> Driver Agent ActiveX Control - CodeBase = http://driveragent.com/files/driveragent.cab ->
Microsoft XML Parser for Java ->  - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->


[Files - Created Within 30 days]
outbreak.chw -> %CommonProgramFiles%\Symantec Shared\Help\outbreak.chw ->  [Ver =  | Size = 127286 bytes | Created Date = 22-01-2007 22:05:19 | Attr =    ]
CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\CATALOG.DAT ->  [Ver =  | Size = 2504 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
DefInst.exe -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\DefInst.exe -> Symantec Corporation [Ver = 6.6.6 | Size = 69632 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ECBOOTIL.VXD ->  [Ver =  | Size = 6899 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ECMSVR32.DLL -> Symantec Corporation [Ver = 71.1.0.11 | Size = 272040 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
NAVENG.EXP -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\NAVENG.EXP ->  [Ver =  | Size = 13040 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
NAVENG.SYS -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\NAVENG.SYS -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 80472 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
NAVENG.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\NAVENG.VXD ->  [Ver =  | Size = 90186 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
NAVENG32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\NAVENG32.DLL -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 124536 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
NAVEX15.EXP -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\NAVEX15.EXP ->  [Ver =  | Size = 13232 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
NAVEX15.SYS -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\NAVEX15.SYS -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 852280 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
NAVEX15.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\NAVEX15.VXD ->  [Ver =  | Size = 1014347 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
NAVEX32A.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\NAVEX32A.DLL -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 902776 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\SCRAUTH.DAT ->  [Ver =  | Size = 97712 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
SYMAVENG.CAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\SYMAVENG.CAT ->  [Ver =  | Size = 9237 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
SYMAVENG.INF -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\SYMAVENG.INF ->  [Ver =  | Size = 1061 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCDEFS.DAT ->  [Ver =  | Size = 188007 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN7.DAT ->  [Ver =  | Size = 1204823 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN8.DAT ->  [Ver =  | Size = 327507 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN9.DAT ->  [Ver =  | Size = 739486 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINF.DAT ->  [Ver =  | Size = 453 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
TINFIDX.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINFIDX.DAT ->  [Ver =  | Size = 148 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINFL.DAT ->  [Ver =  | Size = 1957 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TSCAN1.DAT ->  [Ver =  | Size = 64232 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
TSCAN1HD.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TSCAN1HD.DAT ->  [Ver =  | Size = 3072 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\V.GRD ->  [Ver =  | Size = 4778 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\V.SIG ->  [Ver =  | Size = 2261 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
VIRSCAN.INF -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN.INF ->  [Ver =  | Size = 106244 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN1.DAT ->  [Ver =  | Size = 976014 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN2.DAT ->  [Ver =  | Size = 570042 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN3.DAT ->  [Ver =  | Size = 147584 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN4.DAT ->  [Ver =  | Size = 320186 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN5.DAT ->  [Ver =  | Size = 3200757 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN6.DAT ->  [Ver =  | Size = 390197 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN7.DAT ->  [Ver =  | Size = 6003538 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN8.DAT ->  [Ver =  | Size = 1664913 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN9.DAT ->  [Ver =  | Size = 4033733 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCANT.DAT ->  [Ver =  | Size = 32 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
vscanmsx.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\vscanmsx.dat ->  [Ver =  | Size = 2072 bytes | Created Date = 21-01-2007 14:10:34 | Attr =    ]
ZDONE.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ZDONE.DAT ->  [Ver =  | Size = 224 bytes | Created Date = 18-01-2007 07:20:44 | Attr =    ]
CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\CATALOG.DAT ->  [Ver =  | Size = 2504 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
DefInst.exe -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\DefInst.exe -> Symantec Corporation [Ver = 6.6.6 | Size = 69632 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\ECBOOTIL.VXD ->  [Ver =  | Size = 6899 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\ECMSVR32.DLL -> Symantec Corporation [Ver = 71.1.0.11 | Size = 272040 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
NAVENG.EXP -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVENG.EXP ->  [Ver =  | Size = 13040 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
NAVENG.SYS -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVENG.SYS -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 80472 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
NAVENG.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVENG.VXD ->  [Ver =  | Size = 90186 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
NAVENG32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVENG32.DLL -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 124536 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
NAVEX15.EXP -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVEX15.EXP ->  [Ver =  | Size = 13232 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
NAVEX15.SYS -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVEX15.SYS -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 852280 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
NAVEX15.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVEX15.VXD ->  [Ver =  | Size = 1014347 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
NAVEX32A.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVEX32A.DLL -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 902776 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\SCRAUTH.DAT ->  [Ver =  | Size = 97712 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
SYMAVENG.CAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\SYMAVENG.CAT ->  [Ver =  | Size = 9237 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
SYMAVENG.INF -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\SYMAVENG.INF ->  [Ver =  | Size = 1061 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TCDEFS.DAT ->  [Ver =  | Size = 188073 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TCSCAN7.DAT ->  [Ver =  | Size = 1207798 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TCSCAN8.DAT ->  [Ver =  | Size = 330699 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TCSCAN9.DAT ->  [Ver =  | Size = 742316 bytes | Created Date = 23-01-2007 13:39:48 | Attr =    ]
TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TINF.DAT ->  [Ver =  | Size = 453 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
TINFIDX.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TINFIDX.DAT ->  [Ver =  | Size = 148 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TINFL.DAT ->  [Ver =  | Size = 1957 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TSCAN1.DAT ->  [Ver =  | Size = 64232 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
TSCAN1HD.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TSCAN1HD.DAT ->  [Ver =  | Size = 3072 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\V.GRD ->  [Ver =  | Size = 4778 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\V.SIG ->  [Ver =  | Size = 2269 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
VIRSCAN.INF -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN.INF ->  [Ver =  | Size = 106244 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN1.DAT ->  [Ver =  | Size = 976339 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN2.DAT ->  [Ver =  | Size = 570042 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN3.DAT ->  [Ver =  | Size = 147656 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN4.DAT ->  [Ver =  | Size = 320186 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN5.DAT ->  [Ver =  | Size = 3216884 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN6.DAT ->  [Ver =  | Size = 390197 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN7.DAT ->  [Ver =  | Size = 6010078 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN8.DAT ->  [Ver =  | Size = 1668987 bytes | Created Date = 23-01-2007 13:39:49 | Attr =    ]
VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN9.DAT ->  [Ver =  | Size = 4056384 bytes | Created Date = 23-01-2007 13:39:50 | Attr =    ]
VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCANT.DAT ->  [Ver =  | Size = 32 bytes | Created Date = 23-01-2007 13:39:50 | Attr =    ]
ZDONE.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\ZDONE.DAT ->  [Ver =  | Size = 224 bytes | Created Date = 23-01-2007 13:39:50 | Attr =    ]
CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\CATALOG.DAT ->  [Ver =  | Size = 728 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
IDS9xx86.dll -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\IDS9xx86.dll -> Symantec Corporation [Ver = 6.3.0.5 | Size = 157384 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
IDSVia64.cat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\IDSVia64.cat ->  [Ver =  | Size = 10654 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
IDSVia64.INF -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\IDSVia64.INF ->  [Ver =  | Size = 1042 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
IDSviA64.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\IDSviA64.sys -> Symantec Corporation [Ver = 7.2.1.1 | Size = 278840 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
IDSVix86.cat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\IDSVix86.cat ->  [Ver =  | Size = 10596 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
IDSVix86.INF -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\IDSVix86.INF ->  [Ver =  | Size = 838 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
IDSvix86.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\IDSvix86.sys -> Symantec Corporation [Ver = 7.2.1.1 | Size = 212280 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
IDSxpx86.dll -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\IDSxpx86.dll -> Symantec Corporation [Ver = 7.2.1.1 | Size = 513656 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
Metadata.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\Metadata.dat ->  [Ver =  | Size = 87820 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
sigs.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\sigs.dat ->  [Ver =  | Size = 2389240 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
SymIDSCo.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\SymIDSCo.sys -> Symantec Corporation [Ver = 7.2.1.1 | Size = 185976 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
SymIDSCo.vxd -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\SymIDSCo.vxd ->  [Ver =  | Size = 216777 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
SymIDSI.dll -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\SymIDSI.dll -> Symantec Corporation [Ver = 7.2.1.1 | Size = 104056 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
v.grd -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\v.grd ->  [Ver =  | Size = 1245 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
v.sig -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\v.sig ->  [Ver =  | Size = 2249 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\VIRSCAN1.DAT ->  [Ver =  | Size = 32 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
zdone.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\zdone.dat ->  [Ver =  | Size = 224 bytes | Created Date = 18-01-2007 19:48:07 | Attr =    ]
CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\CATALOG.DAT ->  [Ver =  | Size = 728 bytes | Created Date = 23-01-2007 13:38:46 | Attr =    ]
IDS9xx86.dll -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\IDS9xx86.dll -> Symantec Corporation [Ver = 6.3.0.5 | Size = 157384 bytes | Created Date = 23-01-2007 13:38:46 | Attr =    ]
IDSVia64.cat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\IDSVia64.cat ->  [Ver =  | Size = 10654 bytes | Created Date = 23-01-2007 13:38:47 | Attr =    ]
IDSVia64.INF -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\IDSVia64.INF ->  [Ver =  | Size = 1042 bytes | Created Date = 23-01-2007 13:38:47 | Attr =    ]
IDSviA64.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\IDSviA64.sys -> Symantec Corporation [Ver = 7.2.1.1 | Size = 278840 bytes | Created Date = 23-01-2007 13:38:49 | Attr =    ]
IDSVix86.cat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\IDSVix86.cat ->  [Ver =  | Size = 10596 bytes | Created Date = 23-01-2007 13:38:49 | Attr =    ]
IDSVix86.INF -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\IDSVix86.INF ->  [Ver =  | Size = 838 bytes | Created Date = 23-01-2007 13:38:49 | Attr =    ]
IDSvix86.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\IDSvix86.sys -> Symantec Corporation [Ver = 7.2.1.1 | Size = 212280 bytes | Created Date = 23-01-2007 13:38:49 | Attr =    ]
IDSxpx86.dll -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\IDSxpx86.dll -> Symantec Corporation [Ver = 7.2.1.1 | Size = 513656 bytes | Created Date = 23-01-2007 13:38:49 | Attr =    ]
Metadata.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\Metadata.dat ->  [Ver =  | Size = 87900 bytes | Created Date = 23-01-2007 13:38:49 | Attr =    ]
sigs.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\sigs.dat ->  [Ver =  | Size = 2395468 bytes | Created Date = 23-01-2007 13:38:49 | Attr =    ]
SymIDSCo.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\SymIDSCo.sys -> Symantec Corporation [Ver = 7.2.1.1 | Size = 185976 bytes | Created Date = 23-01-2007 13:38:49 | Attr =    ]
SymIDSCo.vxd -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\SymIDSCo.vxd ->  [Ver =  | Size = 216777 bytes | Created Date = 23-01-2007 13:38:50 | Attr =    ]
SymIDSI.dll -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\SymIDSI.dll -> Symantec Corporation [Ver = 7.2.1.1 | Size = 104056 bytes | Created Date = 23-01-2007 13:38:50 | Attr =    ]
v.grd -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\v.grd ->  [Ver =  | Size = 1245 bytes | Created Date = 23-01-2007 13:38:50 | Attr =    ]
v.sig -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\v.sig ->  [Ver =  | Size = 2249 bytes | Created Date = 23-01-2007 13:38:50 | Attr =    ]
VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\VIRSCAN1.DAT ->  [Ver =  | Size = 32 bytes | Created Date = 23-01-2007 13:38:50 | Attr =    ]
zdone.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\zdone.dat ->  [Ver =  | Size = 224 bytes | Created Date = 23-01-2007 13:38:50 | Attr =    ]
IDSVia64.cat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSVia64.cat ->  [Ver =  | Size = 8016 bytes | Created Date = 28-12-2006 01:16:10 | Attr =    ]
IDSVia64.INF -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSVia64.INF ->  [Ver =  | Size = 1043 bytes | Created Date = 28-12-2006 01:16:11 | Attr =    ]
IDSviA64.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSviA64.sys -> Symantec Corporation [Ver = 7.2.0.17 | Size = 278840 bytes | Created Date = 27-12-2006 23:48:28 | Attr =    ]
IDSVix86.cat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSVix86.cat ->  [Ver =  | Size = 7958 bytes | Created Date = 28-12-2006 01:16:13 | Attr =    ]
IDSVix86.INF -> %CommonProgramFiles%\Symantec Shared\SymcData\ids
Avatar billede ejvindh Ekspert
23. januar 2007 - 22:28 #4
Du skal lige lægge resten af loggen herind også (hele loggen kan åbenbart ikke være i én post).
Avatar billede drbest Nybegynder
24. januar 2007 - 18:07 #5
sigs.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\sigs.dat ->  [Ver =  | Size = 2395468 bytes | Created Date = 23-01-2007 13:38:49 | Attr =    ]
SymIDSCo.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\SymIDSCo.sys -> Symantec Corporation [Ver = 7.2.1.1 | Size = 185976 bytes | Created Date = 23-01-2007 13:38:49 | Attr =    ]
SymIDSCo.vxd -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\SymIDSCo.vxd ->  [Ver =  | Size = 216777 bytes | Created Date = 23-01-2007 13:38:50 | Attr =    ]
SymIDSI.dll -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\SymIDSI.dll -> Symantec Corporation [Ver = 7.2.1.1 | Size = 104056 bytes | Created Date = 23-01-2007 13:38:50 | Attr =    ]
v.grd -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\v.grd ->  [Ver =  | Size = 1245 bytes | Created Date = 23-01-2007 13:38:50 | Attr =    ]
v.sig -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\v.sig ->  [Ver =  | Size = 2249 bytes | Created Date = 23-01-2007 13:38:50 | Attr =    ]
VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\VIRSCAN1.DAT ->  [Ver =  | Size = 32 bytes | Created Date = 23-01-2007 13:38:50 | Attr =    ]
zdone.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\zdone.dat ->  [Ver =  | Size = 224 bytes | Created Date = 23-01-2007 13:38:50 | Attr =    ]
IDSVia64.cat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSVia64.cat ->  [Ver =  | Size = 8016 bytes | Created Date = 28-12-2006 01:16:10 | Attr =    ]
IDSVia64.INF -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSVia64.INF ->  [Ver =  | Size = 1043 bytes | Created Date = 28-12-2006 01:16:11 | Attr =    ]
IDSviA64.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSviA64.sys -> Symantec Corporation [Ver = 7.2.0.17 | Size = 278840 bytes | Created Date = 27-12-2006 23:48:28 | Attr =    ]
IDSVix86.cat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSVix86.cat ->  [Ver =  | Size = 7958 bytes | Created Date = 28-12-2006 01:16:13 | Attr =    ]
IDSVix86.INF -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSVix86.INF ->  [Ver =  | Size = 839 bytes | Created Date = 28-12-2006 01:16:14 | Attr =    ]
IDSvix86.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSvix86.sys -> Symantec Corporation [Ver = 7.2.0.17 | Size = 212280 bytes | Created Date = 27-12-2006 23:48:25 | Attr =    ]
IDSxpx86.dll -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSxpx86.dll -> Symantec Corporation [Ver = 7.2.0.17 | Size = 513656 bytes | Created Date = 27-12-2006 23:48:22 | Attr =    ]
metadata.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\metadata.dat ->  [Ver =  | Size = 87820 bytes | Created Date = 08-01-2007 22:24:04 | Attr =    ]
sigs.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\sigs.dat ->  [Ver =  | Size = 2382080 bytes | Created Date = 08-01-2007 22:24:03 | Attr =    ]
symidsco.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\symidsco.sys -> Symantec Corporation [Ver = 7.2.0.17 | Size = 185976 bytes | Created Date = 27-12-2006 23:48:06 | Attr =    ]
SymIDSI.dll -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\SymIDSI.dll -> Symantec Corporation [Ver = 7.2.0.17 | Size = 104056 bytes | Created Date = 27-12-2006 23:48:10 | Attr =    ]
v.grd -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\v.grd ->  [Ver =  | Size = 1245 bytes | Created Date = 08-01-2007 22:24:05 | Attr =    ]
v.sig -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\v.sig ->  [Ver =  | Size = 2269 bytes | Created Date = 08-01-2007 22:24:12 | Attr =    ]
virscan1.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\virscan1.dat ->  [Ver =  | Size = 32 bytes | Created Date = 08-01-2007 22:24:04 | Attr =    ]
mozver.dat -> %SystemRoot%\mozver.dat ->  [Ver =  | Size = 1156 bytes | Created Date = 03-01-2007 23:06:52 | Attr =    ]
nsreg.dat -> %SystemRoot%\nsreg.dat ->  [Ver =  | Size = 0 bytes | Created Date = 02-01-2007 12:13:04 | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Created Date = 21-01-2007 19:44:28 | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Created Date = 21-01-2007 19:44:28 | Attr =  H ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49248 bytes | Created Date = 17-01-2007 21:37:37 | Attr =    ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 53346 bytes | Created Date = 17-01-2007 21:37:37 | Attr =    ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 127078 bytes | Created Date = 17-01-2007 21:37:37 | Attr =    ]

[Files - Modified Within 30 days]
boot.ini -> %SystemDrive%\boot.ini ->  [Ver =  | Size = 212 bytes | Modified Date = 11-01-2007 23:20:30 | Attr =  HS]
Firewall.BAK -> %CommonProgramFiles%\Symantec Shared\Firewall.BAK ->  [Ver =  | Size = 33236 bytes | Modified Date = 19-01-2007 11:17:36 | Attr =    ]
Firewall.rul -> %CommonProgramFiles%\Symantec Shared\Firewall.rul ->  [Ver =  | Size = 185692 bytes | Modified Date = 19-01-2007 11:17:36 | Attr =    ]
Persist.BAK -> %CommonProgramFiles%\Symantec Shared\Persist.BAK ->  [Ver =  | Size = 3068 bytes | Modified Date = 18-01-2007 19:48:10 | Attr =    ]
Persist.Dat -> %CommonProgramFiles%\Symantec Shared\Persist.Dat ->  [Ver =  | Size = 3068 bytes | Modified Date = 23-01-2007 13:39:06 | Attr =    ]
Validate.dat -> %CommonProgramFiles%\Symantec Shared\Validate.dat ->  [Ver =  | Size = 2988 bytes | Modified Date = 23-01-2007 19:44:42 | Attr =    ]
symlcrst.dll -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcrst.dll ->  [Ver =  | Size = 250682 bytes | Modified Date = 23-01-2007 19:20:10 | Attr =    ]
firewall.chw -> %CommonProgramFiles%\Symantec Shared\Help\firewall.chw ->  [Ver =  | Size = 127286 bytes | Modified Date = 07-01-2007 11:51:08 | Attr =    ]
outbreak.chw -> %CommonProgramFiles%\Symantec Shared\Help\outbreak.chw ->  [Ver =  | Size = 127286 bytes | Modified Date = 22-01-2007 22:05:22 | Attr =    ]
IDSSettg.BAK -> %CommonProgramFiles%\Symantec Shared\IDS\IDSSettg.BAK ->  [Ver =  | Size = 4372 bytes | Modified Date = 23-01-2007 13:39:04 | Attr =    ]
IDSSettg.dat -> %CommonProgramFiles%\Symantec Shared\IDS\IDSSettg.dat ->  [Ver =  | Size = 4372 bytes | Modified Date = 23-01-2007 13:39:04 | Attr =    ]
Catalog.LiveSubscribe -> %CommonProgramFiles%\Symantec Shared\LiveReg\Catalog.LiveSubscribe ->  [Ver =  | Size = 2092 bytes | Modified Date = 23-01-2007 19:20:10 | Attr =    ]
definfo.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\definfo.dat ->  [Ver =  | Size = 57 bytes | Modified Date = 23-01-2007 13:39:56 | Attr =    ]
usage.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\usage.dat ->  [Ver =  | Size = 285 bytes | Modified Date = 23-01-2007 14:24:52 | Attr =    ]
definfo.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\definfo.dat ->  [Ver =  | Size = 57 bytes | Modified Date = 23-01-2007 13:38:52 | Attr =    ]
usage.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\usage.dat ->  [Ver =  | Size = 37 bytes | Modified Date = 23-01-2007 13:39:02 | Attr =    ]
CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\CATALOG.DAT ->  [Ver =  | Size = 2504 bytes | Modified Date = 17-01-2007 07:49:26 | Attr =    ]
ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ECBOOTIL.VXD ->  [Ver =  | Size = 6899 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\ECMSVR32.DLL -> Symantec Corporation [Ver = 71.1.0.11 | Size = 272040 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
NAVENG.SYS -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\NAVENG.SYS -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 80472 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
NAVENG.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\NAVENG.VXD ->  [Ver =  | Size = 90186 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
NAVENG32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\NAVENG32.DLL -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 124536 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
NAVEX15.SYS -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\NAVEX15.SYS -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 852280 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
NAVEX15.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\NAVEX15.VXD ->  [Ver =  | Size = 1014347 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
NAVEX32A.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\NAVEX32A.DLL -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 902776 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\SCRAUTH.DAT ->  [Ver =  | Size = 97712 bytes | Modified Date = 27-12-2006 10:00:00 | Attr =    ]
SYMAVENG.CAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\SYMAVENG.CAT ->  [Ver =  | Size = 9237 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
SYMAVENG.INF -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\SYMAVENG.INF ->  [Ver =  | Size = 1061 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCDEFS.DAT ->  [Ver =  | Size = 188007 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN7.DAT ->  [Ver =  | Size = 1204823 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN8.DAT ->  [Ver =  | Size = 327507 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCSCAN9.DAT ->  [Ver =  | Size = 739486 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINF.DAT ->  [Ver =  | Size = 453 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TINFL.DAT ->  [Ver =  | Size = 1957 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TSCAN1.DAT ->  [Ver =  | Size = 64232 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\V.GRD ->  [Ver =  | Size = 4778 bytes | Modified Date = 17-01-2007 07:49:46 | Attr =    ]
V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\V.SIG ->  [Ver =  | Size = 2261 bytes | Modified Date = 17-01-2007 07:49:46 | Attr =    ]
VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN1.DAT ->  [Ver =  | Size = 976014 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN2.DAT ->  [Ver =  | Size = 570042 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN3.DAT ->  [Ver =  | Size = 147584 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN4.DAT ->  [Ver =  | Size = 320186 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN5.DAT ->  [Ver =  | Size = 3200757 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN6.DAT ->  [Ver =  | Size = 390197 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN7.DAT ->  [Ver =  | Size = 6003538 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN8.DAT ->  [Ver =  | Size = 1664913 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN9.DAT ->  [Ver =  | Size = 4033733 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCANT.DAT ->  [Ver =  | Size = 32 bytes | Modified Date = 17-01-2007 07:50:50 | Attr =    ]
vscanmsx.dat -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\vscanmsx.dat ->  [Ver =  | Size = 2072 bytes | Modified Date = 21-01-2007 14:10:36 | Attr =    ]
CATALOG.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\CATALOG.DAT ->  [Ver =  | Size = 2504 bytes | Modified Date = 22-01-2007 12:25:58 | Attr =    ]
ECBOOTIL.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\ECBOOTIL.VXD ->  [Ver =  | Size = 6899 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
ECMSVR32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\ECMSVR32.DLL -> Symantec Corporation [Ver = 71.1.0.11 | Size = 272040 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
NAVENG.SYS -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVENG.SYS -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 80472 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
NAVENG.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVENG.VXD ->  [Ver =  | Size = 90186 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
NAVENG32.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVENG32.DLL -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 124536 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
NAVEX15.SYS -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVEX15.SYS -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 852280 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
NAVEX15.VXD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVEX15.VXD ->  [Ver =  | Size = 1014347 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
NAVEX32A.DLL -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\NAVEX32A.DLL -> Symantec Corporation [Ver = 20071.1.0.15 | Size = 902776 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
SCRAUTH.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\SCRAUTH.DAT ->  [Ver =  | Size = 97712 bytes | Modified Date = 27-12-2006 10:00:00 | Attr =    ]
SYMAVENG.CAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\SYMAVENG.CAT ->  [Ver =  | Size = 9237 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
SYMAVENG.INF -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\SYMAVENG.INF ->  [Ver =  | Size = 1061 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
TCDEFS.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TCDEFS.DAT ->  [Ver =  | Size = 188073 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
TCSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TCSCAN7.DAT ->  [Ver =  | Size = 1207798 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
TCSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TCSCAN8.DAT ->  [Ver =  | Size = 330699 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
TCSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TCSCAN9.DAT ->  [Ver =  | Size = 742316 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
TINF.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TINF.DAT ->  [Ver =  | Size = 453 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
TINFL.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TINFL.DAT ->  [Ver =  | Size = 1957 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
TSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TSCAN1.DAT ->  [Ver =  | Size = 64232 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
V.GRD -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\V.GRD ->  [Ver =  | Size = 4778 bytes | Modified Date = 22-01-2007 12:26:02 | Attr =    ]
V.SIG -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\V.SIG ->  [Ver =  | Size = 2269 bytes | Modified Date = 22-01-2007 12:26:02 | Attr =    ]
VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN1.DAT ->  [Ver =  | Size = 976339 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
VIRSCAN2.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN2.DAT ->  [Ver =  | Size = 570042 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
VIRSCAN3.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN3.DAT ->  [Ver =  | Size = 147656 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
VIRSCAN4.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN4.DAT ->  [Ver =  | Size = 320186 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
VIRSCAN5.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN5.DAT ->  [Ver =  | Size = 3216884 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
VIRSCAN6.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN6.DAT ->  [Ver =  | Size = 390197 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
VIRSCAN7.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN7.DAT ->  [Ver =  | Size = 6010078 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
VIRSCAN8.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN8.DAT ->  [Ver =  | Size = 1668987 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
VIRSCAN9.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN9.DAT ->  [Ver =  | Size = 4056384 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
VIRSCANT.DAT -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCANT.DAT ->  [Ver =  | Size = 32 bytes | Modified Date = 22-01-2007 12:27:06 | Attr =    ]
IDSVia64.cat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\IDSVia64.cat ->  [Ver =  | Size = 10654 bytes | Modified Date = 16-01-2007 12:01:14 | Attr =    ]
IDSVia64.INF -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\IDSVia64.INF ->  [Ver =  | Size = 1042 bytes | Modified Date = 16-01-2007 12:01:16 | Attr =    ]
IDSviA64.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\IDSviA64.sys -> Symantec Corporation [Ver = 7.2.1.1 | Size = 278840 bytes | Modified Date = 16-01-2007 12:01:28 | Attr =    ]
IDSVix86.cat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\IDSVix86.cat ->  [Ver =  | Size = 10596 bytes | Modified Date = 16-01-2007 12:01:16 | Attr =    ]
IDSVix86.INF -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\IDSVix86.INF ->  [Ver =  | Size = 838 bytes | Modified Date = 16-01-2007 12:01:18 | Attr =    ]
IDSvix86.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\IDSvix86.sys -> Symantec Corporation [Ver = 7.2.1.1 | Size = 212280 bytes | Modified Date = 16-01-2007 12:01:24 | Attr =    ]
IDSxpx86.dll -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\IDSxpx86.dll -> Symantec Corporation [Ver = 7.2.1.1 | Size = 513656 bytes | Modified Date = 16-01-2007 12:01:22 | Attr =    ]
Metadata.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\Metadata.dat ->  [Ver =  | Size = 87820 bytes | Modified Date = 17-01-2007 22:35:12 | Attr =    ]
sigs.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\sigs.dat ->  [Ver =  | Size = 2389240 bytes | Modified Date = 17-01-2007 22:35:10 | Attr =    ]
SymIDSCo.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\SymIDSCo.sys -> Symantec Corporation [Ver = 7.2.1.1 | Size = 185976 bytes | Modified Date = 16-01-2007 12:01:06 | Attr =    ]
SymIDSI.dll -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\SymIDSI.dll -> Symantec Corporation [Ver = 7.2.1.1 | Size = 104056 bytes | Modified Date = 16-01-2007 12:01:10 | Attr =    ]
v.grd -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\v.grd ->  [Ver =  | Size = 1245 bytes | Modified Date = 17-01-2007 22:35:14 | Attr =    ]
v.sig -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\v.sig ->  [Ver =  | Size = 2249 bytes | Modified Date = 17-01-2007 22:35:18 | Attr =    ]
VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\VIRSCAN1.DAT ->  [Ver =  | Size = 32 bytes | Modified Date = 17-01-2007 22:35:12 | Attr =    ]
IDSVia64.cat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\IDSVia64.cat ->  [Ver =  | Size = 10654 bytes | Modified Date = 16-01-2007 12:01:14 | Attr =    ]
IDSVia64.INF -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\IDSVia64.INF ->  [Ver =  | Size = 1042 bytes | Modified Date = 16-01-2007 12:01:16 | Attr =    ]
IDSviA64.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\IDSviA64.sys -> Symantec Corporation [Ver = 7.2.1.1 | Size = 278840 bytes | Modified Date = 16-01-2007 12:01:28 | Attr =    ]
IDSVix86.cat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\IDSVix86.cat ->  [Ver =  | Size = 10596 bytes | Modified Date = 16-01-2007 12:01:16 | Attr =    ]
IDSVix86.INF -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\IDSVix86.INF ->  [Ver =  | Size = 838 bytes | Modified Date = 16-01-2007 12:01:18 | Attr =    ]
IDSvix86.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\IDSvix86.sys -> Symantec Corporation [Ver = 7.2.1.1 | Size = 212280 bytes | Modified Date = 16-01-2007 12:01:24 | Attr =    ]
IDSxpx86.dll -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\IDSxpx86.dll -> Symantec Corporation [Ver = 7.2.1.1 | Size = 513656 bytes | Modified Date = 16-01-2007 12:01:22 | Attr =    ]
Metadata.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\Metadata.dat ->  [Ver =  | Size = 87900 bytes | Modified Date = 23-01-2007 01:06:18 | Attr =    ]
sigs.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\sigs.dat ->  [Ver =  | Size = 2395468 bytes | Modified Date = 23-01-2007 01:06:18 | Attr =    ]
SymIDSCo.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\SymIDSCo.sys -> Symantec Corporation [Ver = 7.2.1.1 | Size = 185976 bytes | Modified Date = 16-01-2007 12:01:06 | Attr =    ]
SymIDSI.dll -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\SymIDSI.dll -> Symantec Corporation [Ver = 7.2.1.1 | Size = 104056 bytes | Modified Date = 16-01-2007 12:01:10 | Attr =    ]
v.grd -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\v.grd ->  [Ver =  | Size = 1245 bytes | Modified Date = 23-01-2007 01:06:20 | Attr =    ]
v.sig -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\v.sig ->  [Ver =  | Size = 2249 bytes | Modified Date = 23-01-2007 01:06:24 | Attr =    ]
VIRSCAN1.DAT -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\VIRSCAN1.DAT ->  [Ver =  | Size = 32 bytes | Modified Date = 23-01-2007 01:06:20 | Attr =    ]
IDSVia64.cat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSVia64.cat ->  [Ver =  | Size = 8016 bytes | Modified Date = 28-12-2006 01:16:12 | Attr =    ]
IDSVia64.INF -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSVia64.INF ->  [Ver =  | Size = 1043 bytes | Modified Date = 28-12-2006 01:16:12 | Attr =    ]
IDSviA64.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSviA64.sys -> Symantec Corporation [Ver = 7.2.0.17 | Size = 278840 bytes | Modified Date = 27-12-2006 23:48:30 | Attr =    ]
IDSVix86.cat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSVix86.cat ->  [Ver =  | Size = 7958 bytes | Modified Date = 28-12-2006 01:16:14 | Attr =    ]
IDSVix86.INF -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSVix86.INF ->  [Ver =  | Size = 839 bytes | Modified Date = 28-12-2006 01:16:16 | Attr =    ]
IDSvix86.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSvix86.sys -> Symantec Corporation [Ver = 7.2.0.17 | Size = 212280 bytes | Modified Date = 27-12-2006 23:48:26 | Attr =    ]
IDSxpx86.dll -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\IDSxpx86.dll -> Symantec Corporation [Ver = 7.2.0.17 | Size = 513656 bytes | Modified Date = 27-12-2006 23:48:24 | Attr =    ]
metadata.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\metadata.dat ->  [Ver =  | Size = 87820 bytes | Modified Date = 08-01-2007 22:24:06 | Attr =    ]
sigs.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\sigs.dat ->  [Ver =  | Size = 2382080 bytes | Modified Date = 08-01-2007 22:24:04 | Attr =    ]
symidsco.sys -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\symidsco.sys -> Symantec Corporation [Ver = 7.2.0.17 | Size = 185976 bytes | Modified Date = 27-12-2006 23:48:08 | Attr =    ]
SymIDSI.dll -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\SymIDSI.dll -> Symantec Corporation [Ver = 7.2.0.17 | Size = 104056 bytes | Modified Date = 27-12-2006 23:48:12 | Attr =    ]
v.grd -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\v.grd ->  [Ver =  | Size = 1245 bytes | Modified Date = 08-01-2007 22:24:06 | Attr =    ]
v.sig -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\v.sig ->  [Ver =  | Size = 2269 bytes | Modified Date = 08-01-2007 22:24:14 | Attr =    ]
virscan1.dat -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\virscan1.dat ->  [Ver =  | Size = 32 bytes | Modified Date = 08-01-2007 22:24:06 | Attr =    ]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 23-01-2007 19:08:06 | Attr =  S]
imsins.BAK -> %SystemRoot%\imsins.BAK ->  [Ver =  | Size = 1374 bytes | Modified Date = 18-01-2007 07:26:38 | Attr =    ]
mozver.dat -> %SystemRoot%\mozver.dat ->  [Ver =  | Size = 1156 bytes | Modified Date = 03-01-2007 23:06:54 | Attr =    ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini ->  [Ver =  | Size = 116 bytes | Modified Date = 21-01-2007 00:29:16 | Attr =    ]
nsreg.dat -> %SystemRoot%\nsreg.dat ->  [Ver =  | Size = 0 bytes | Modified Date = 02-01-2007 12:13:06 | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Modified Date = 21-01-2007 19:44:30 | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Modified Date = 21-01-2007 19:44:30 | Attr =  H ]
win.ini -> %SystemRoot%\win.ini ->  [Ver =  | Size = 847 bytes | Modified Date = 10-01-2007 22:50:12 | Attr =    ]
perfc006.dat -> %System32%\perfc006.dat ->  [Ver =  | Size = 63482 bytes | Modified Date = 23-01-2007 19:13:16 | Attr =    ]
perfc009.dat -> %System32%\perfc009.dat ->  [Ver =  | Size = 53608 bytes | Modified Date = 23-01-2007 19:13:16 | Attr =    ]
perfh006.dat -> %System32%\perfh006.dat ->  [Ver =  | Size = 397806 bytes | Modified Date = 23-01-2007 19:13:16 | Attr =    ]
perfh009.dat -> %System32%\perfh009.dat ->  [Ver =  | Size = 383254 bytes | Modified Date = 23-01-2007 19:13:16 | Attr =    ]
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI ->  [Ver =  | Size = 908782 bytes | Modified Date = 23-01-2007 19:13:14 | Attr =    ]
wpa.dbl -> %System32%\wpa.dbl ->  [Ver =  | Size = 13646 bytes | Modified Date = 23-01-2007 19:09:54 | Attr =    ]

[File String Scan - Non-Microsoft Only]
Thawte Consulting ,  -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\core3.zip ->  [Ver =  | Size = 3290841 bytes | Modified Date = 12-10-2006 03:41:56 | Attr =    ]
USERTRUST ,  -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_09.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4490872 bytes | Modified Date = 12-10-2006 03:41:58 | Attr =    ]
USERTRUST ,  -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_10.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4650616 bytes | Modified Date = 09-11-2006 15:38:38 | Attr =    ]
UPX! ,  -> %CommonProgramFiles%\Microsoft Shared\Web Components\11\1030\OWCFUN11.CHM ->  [Ver =  | Size = 599630 bytes | Modified Date = 18-08-2003 14:46:24 | Attr =    ]
PTech ,  -> %CommonProgramFiles%\Symantec Shared\AntiSpam\bteuclid.dll -> Basis Technology [Ver = 1.7.6 | Size = 3928064 bytes | Modified Date = 24-08-2004 21:04:36 | Attr = R  ]
abetterinternet.com , ad-w-a-r-e.com , MZKERNEL32.DLL , UPX0 ,  -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070117.002\sigs.dat ->  [Ver =  | Size = 2389240 bytes | Modified Date = 17-01-2007 22:35:10 | Attr =    ]
abetterinternet.com , ad-w-a-r-e.com , MZKERNEL32.DLL , UPX0 ,  -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20070123.001\sigs.dat ->  [Ver =  | Size = 2395468 bytes | Modified Date = 23-01-2007 01:06:18 | Attr =    ]
abetterinternet.com , ad-w-a-r-e.com , MZKERNEL32.DLL , UPX0 ,  -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\BinHub\sigs.dat ->  [Ver =  | Size = 2382080 bytes | Modified Date = 08-01-2007 22:24:04 | Attr =    ]
aspack ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20050412.023\NAVEX15.SYS -> Symantec Corporation [Ver = 2004.4.0.15 | Size = 631040 bytes | Modified Date = 12-04-2005 | Attr =    ]
aspack ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20050412.023\NAVEX15.VXD ->  [Ver =  | Size = 900089 bytes | Modified Date = 12-04-2005 | Attr =    ]
aspack ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20050412.023\NAVEX32A.DLL -> Symantec Corporation [Ver = 2004.4.0.15 | Size = 685728 bytes | Modified Date = 12-04-2005 | Attr =    ]
SAHAgent ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20050412.023\VIRSCAN1.DAT ->  [Ver =  | Size = 923442 bytes | Modified Date = 12-04-2005 | Attr =    ]
FSG! ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20050412.023\VIRSCAN8.DAT ->  [Ver =  | Size = 1276987 bytes | Modified Date = 12-04-2005 | Attr =    ]
UPX! , FSG! , WSUD , UPX0 ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20050412.023\VIRSCAN9.DAT ->  [Ver =  | Size = 2135396 bytes | Modified Date = 12-04-2005 | Attr =    ]
SAHAgent ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\TCDEFS.DAT ->  [Ver =  | Size = 188007 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
FSG! ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN8.DAT ->  [Ver =  | Size = 1664913 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
FSG! , WSUD , UPX0 ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070117.019\VIRSCAN9.DAT ->  [Ver =  | Size = 4033733 bytes | Modified Date = 17-01-2007 10:00:00 | Attr =    ]
SAHAgent ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\TCDEFS.DAT ->  [Ver =  | Size = 188073 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
FSG! ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN8.DAT ->  [Ver =  | Size = 1668987 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
FSG! , WSUD , UPX0 ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20070122.041\VIRSCAN9.DAT ->  [Ver =  | Size = 4056384 bytes | Modified Date = 22-01-2007 10:00:00 | Attr =    ]
aspack ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex15.sys -> Symantec Corporation [Ver = 20051.3.1.11 | Size = 750952 bytes | Modified Date = 14-12-2005 10:00:00 | Attr =    ]
aspack ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex15.vxd ->  [Ver =  | Size = 907851 bytes | Modified Date = 14-12-2005 10:00:00 | Attr =    ]
aspack ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\navex32a.dll -> Symantec Corporation [Ver = 20051.3.1.11 | Size = 788136 bytes | Modified Date = 14-12-2005 10:00:00 | Attr =    ]
SAHAgent ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\tcdefs.dat ->  [Ver =  | Size = 40290 bytes | Modified Date = 14-12-2005 10:00:00 | Attr =    ]
FSG! ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\virscan8.dat ->  [Ver =  | Size = 1454934 bytes | Modified Date = 14-12-2005 10:00:00 | Attr =    ]
UPX! , FSG! , WSUD , UPX0 ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\BinHub\virscan9.dat ->  [Ver =  | Size = 2930846 bytes | Modified Date = 14-12-2005 10:00:00 | Attr =    ]
aspack ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\tmp7f56.tmp\NAVEX15.SYS -> Symantec Corporation [Ver = 20051.3.1.11 | Size = 750952 bytes | Modified Date = 14-12-2005 10:00:00 | Attr =    ]
aspack ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\tmp7f56.tmp\NAVEX15.VXD ->  [Ver =  | Size = 907851 bytes | Modified Date = 14-12-2005 10:00:00 | Attr =    ]
aspack ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\tmp7f56.tmp\NAVEX32A.DLL -> Symantec Corporation [Ver = 20051.3.1.11 | Size = 788136 bytes | Modified Date = 14-12-2005 10:00:00 | Attr =    ]
SAHAgent ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\tmp7f56.tmp\TCDEFS.DAT ->  [Ver =  | Size = 44311 bytes | Modified Date = 08-03-2006 10:00:00 | Attr =    ]
FSG! ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\tmp7f56.tmp\VIRSCAN8.DAT ->  [Ver =  | Size = 1498106 bytes | Modified Date = 08-03-2006 10:00:00 | Attr =    ]
UPX! , FSG! , WSUD , UPX0 ,  -> %CommonProgramFiles%\Symantec Shared\VirusDefs\tmp7f56.tmp\VIRSCAN9.DAT ->  [Ver =  | Size = 3117925 bytes | Modified Date = 08-03-2006 10:00:00 | Attr =    ]
WSUD ,  -> %System32%\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2.2.03 | Size = 10435072 bytes | Modified Date = 21-08-2003 10:37:38 | Attr =    ]
PEC2 ,  -> %System32%\dfrg.msc ->  [Ver =  | Size = 41123 bytes | Modified Date = 25-04-2003 13:00:00 | Attr =    ]
winsync ,  -> %System32%\wbdbase.deu ->  [Ver =  | Size = 1309184 bytes | Modified Date = 25-04-2003 13:00:00 | Attr =    ]
WSUD , UPX0 ,  -> %System32%\dllcache\hwxjpn.dll ->  [Ver =  | Size = 13463552 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]

< End of report >
Avatar billede ejvindh Ekspert
24. januar 2007 - 22:13 #6
Der er ikke noget i loggen, der forklarer problemet. Prøv evt. om dette kan hjælpe på problemet:

Hent Dial-a-fix på dette link, og gem det på skrivebordet.
http://djlizard.net/Dial-a-fix-2006-09-19.exe

Kør programmet, klik på "Tools" knappen (billede af en hammer), marker følgende punkt, og klik på "GO"

Reinstall Windows Firewall
Avatar billede drbest Nybegynder
25. januar 2007 - 09:49 #7
Hej Ejvindh.
Desværre hjalp dette ikke....:-(
Avatar billede forevernewbie Nybegynder
25. januar 2007 - 09:53 #8
Prøv den her. Vejledning er vedlagt http://www.sitecenter.dk/secure/nss-folder/mappe/reset.zip
Avatar billede drbest Nybegynder
26. januar 2007 - 09:52 #9
Hej foreverwebie
Desværre, heller ingen hjælp der - ét eller andet deaktiverer stadig min windows firewall....:-(
Avatar billede ejvindh Ekspert
26. januar 2007 - 09:58 #10
Prøv lige at køre en tur med SDfix så:
-- Hent denne fil, og pak den ud til en mappe på skrivebordet:
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Dobbeltklik på filen, og lad den pakke sig ud til en mappe i roden af din harddisk (typisk: c:\SDfix)

-- Genstart i fejlsikret, hvis du ikke ved hvordan så kig her:
http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=23&PN=1

-- Gå så ind i mappen SDFix, som du fik oprettet tidligere. Dobbeltklik på filen RunThis.bat, for at starte værktøjet. Tryk "y" for at bekræfte, at du kører værktøjet på egen risiko. Så vil værktøjet gå i gang med at fjerne trojanservicen, og lave et par reparationer af registreringsdatabasen. På et tidspunkt vil det bede dig om at trykke en taste for at genstarte computeren. Det skal du gøre, hvorefter computeren vil genstarte efter 15 sekunder.

Genstarten vil tage lidt længere end sædvanligt, idet værktøjet skal have tid til at udføre sit arbejde. Når skrivebordet dukker op, vil værktøjet skrive "Finished". Tryk herefter en taste for at indlæse dine skrivebordsikoner igen.

Åben så SDFix-mappen, find filen Report.txt, og kopier indholdet af denne fil herind.
Avatar billede drbest Nybegynder
26. januar 2007 - 20:31 #11
Hej igen Ejvindh:
Her er report.txt så:

SDFix: Version 1.62

26-01-2007 - 19:33:57,65

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:

Name:
Wintab32

Path:
%SystemRoot%\system32\Wintab32.exe

Wintab32 Deleted

Restoring Windows Registry Entries
Restoring Default Hosts File


Rebooting...

Normal Mode:
Checking Files:

Files will be copied to Backups folder and removed:

C:\WINDOWS\system32\Wintab32.exe - Deleted



Alternate Streams Check:

C:\WINDOWS\system32
No streams found.

                                Final Check:

Remaining Services:
------------------


Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip


Checking For Files with Hidden Attributes :

C:\NTDETECT.COM
C:\Programmer\MessengerOFF\msmsgs.exe
C:\WINDOWS\system32\cdplayer.exe.manifest
C:\WINDOWS\system32\logonui.exe.manifest
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys
C:\Documents and Settings\Ejer\Lokale indstillinger\Temp\Z@R17D.tmp
C:\Documents and Settings\Ejer\Lokale indstillinger\Temp\Z@R17F.tmp
C:\Documents and Settings\Ejer\Lokale indstillinger\Temp\Z@R181.tmp
C:\Documents and Settings\Ejer\Lokale indstillinger\Temp\Z@S17E.tmp
C:\Documents and Settings\Ejer\Lokale indstillinger\Temp\Z@S180.tmp
C:\Documents and Settings\Ejer\Lokale indstillinger\Temp\Z@S182.tmp
C:\Documents and Settings\Ejer\Skrivebord\Ny mappe\~WRL0001.tmp

                                Finished
Avatar billede ejvindh Ekspert
26. januar 2007 - 22:25 #12
Nå, for søren, jeg havde faktisk overset en entry. Godt at sdfix tog den. Har det hjulpet på problemet?
Avatar billede drbest Nybegynder
27. januar 2007 - 10:16 #13
Nej, desværre ikke.....
Avatar billede ejvindh Ekspert
28. januar 2007 - 20:30 #14
Så må vi prøve at rense videre:
Hent "SuperAntiSpyware free" herfra:
http://www.spywarefri.dk/downloads1.htm

Installer, og opdater scannereren.

Genstart i fejlsikret tilstand.
Lidt hjælp til at komme i fejlsikret tilstand:
http://www.spywareinfo.dk/#/htm/fejlsikret_tilstand.htm

Start scannereren, klik "Scan your computer", sæt flueben i dine drev, ovre til venstre i vinduet. Ovre til højre i vinduet, sætter du prik i "Perform Complete Scan". Klik "næste", nu scanner den. Når den er færdig, så markerer du det den finder, og lader scannereren fjerne det.

Genstart til normal tilstand (scannereren tilbyder måske at gøre det).

Åbn scannereren igen, og klik "preferences"-> "stastics/logs". Marker loggen, og klik "View log". Kopier loggen her ind i tråden, sammen med en ny HijackThis log.

Fuld vejledning til superantispyware finder du her:
http://www.spywarefri.dk/manualer/superantispyware-manual.htm

Prøv også at lave en logfil med Gmer:
Download Gmer-rootkit scanner, og pak den ud til skrivebordet:
http://www.young-andersen.dk/gamer/gamer.zip
Start med at omdøbe programmet gmer.exe (fx til abc.exe). Kør programmet, klik på fanebladet "Rootkit", og klik på "Scan". Imens der scannes, er det vigtigt at du ikke bruger computeren til andre ting. Når scanningen er færdig, skal du klikke på "Copy". Så dukker et vindue op, som fortæller at resultatet af rootkit-scanningen er blevet lagt ind i udklipsholderen. Du kan herefter gå ind i denne tråd, og kopiere indholdet herind, ved at stille dig i indtastningsfeltet, og trykke ctrl-v.
Avatar billede drbest Nybegynder
29. januar 2007 - 09:19 #15
tak for din udholdenhed - jeg ser, om det hjælper os :-)
Avatar billede drbest Nybegynder
30. januar 2007 - 22:11 #16
Her er Spyware-log og G mer:
SUPERAntiSpyware Scan Log
Generated 01/30/2007 at 09:33 PM

Application Version : 3.5.1016

Core Rules Database Version : 3175
Trace Rules Database Version: 1185

Scan type      : Quick Scan
Total Scan Time : 00:07:49

Memory items scanned      : 216
Memory threats detected  : 0
Registry items scanned    : 817
Registry threats detected : 0
File items scanned        : 10914
File threats detected    : 67

Adware.Tracking Cookie
    C:\Documents and Settings\Ejer\Cookies\ejer@adtech[2].txt
    C:\Documents and Settings\Ejer\Cookies\ejer@doubleclick[1].txt
    C:\Documents and Settings\Ejer\Cookies\ejer@adserver.banneradministration[2].txt
    C:\Documents and Settings\Ejer\Cookies\ejer@track.adform[1].txt
    C:\Documents and Settings\Anders\Cookies\anders@ad.zanox[1].txt
    C:\Documents and Settings\Anders\Cookies\anders@adopt.euroclick[2].txt
    C:\Documents and Settings\Anders\Cookies\anders@ads.tibaco[2].txt
    C:\Documents and Settings\Anders\Cookies\anders@adserver.adremedy[2].txt
    C:\Documents and Settings\Anders\Cookies\anders@adserver.tibaco[1].txt
    C:\Documents and Settings\Anders\Cookies\anders@advertising[1].txt
    C:\Documents and Settings\Anders\Cookies\anders@atdmt[1].txt
    C:\Documents and Settings\Anders\Cookies\anders@bluestreak[1].txt
    C:\Documents and Settings\Anders\Cookies\anders@casalemedia[1].txt
    C:\Documents and Settings\Anders\Cookies\anders@doubleclick[1].txt
    C:\Documents and Settings\Anders\Cookies\anders@fastclick[1].txt
    C:\Documents and Settings\Anders\Cookies\anders@imrworldwide[2].txt
    C:\Documents and Settings\Anders\Cookies\anders@media.fastclick[1].txt
    C:\Documents and Settings\Anders\Cookies\anders@server.cpmstar[1].txt
    C:\Documents and Settings\Anders\Cookies\anders@tribalfusion[2].txt
    C:\Documents and Settings\Anders\Cookies\anders@www6.addfreestats[1].txt
    C:\Documents and Settings\Anders\Cookies\anders@xiti[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@2o7[2].txt
    C:\Documents and Settings\Laura\Cookies\laura@ad.yieldmanager[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@ad.zanox[2].txt
    C:\Documents and Settings\Laura\Cookies\laura@ad1.emediate[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@ads.stardoll[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@ads.tibaco[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@adserver.adremedy[2].txt
    C:\Documents and Settings\Laura\Cookies\laura@adserver.banneradministration[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@adserver.tibaco[2].txt
    C:\Documents and Settings\Laura\Cookies\laura@adtech[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@advertising[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@as-us.falkag[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@atdmt[2].txt
    C:\Documents and Settings\Laura\Cookies\laura@atwola[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@bluestreak[2].txt
    C:\Documents and Settings\Laura\Cookies\laura@bs.serving-sys[2].txt
    C:\Documents and Settings\Laura\Cookies\laura@casalemedia[2].txt
    C:\Documents and Settings\Laura\Cookies\laura@doubleclick[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@ehg-dig.hitbox[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@ehg-legonewyorkinc.hitbox[2].txt
    C:\Documents and Settings\Laura\Cookies\laura@fastclick[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@hitbox[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@indextools[2].txt
    C:\Documents and Settings\Laura\Cookies\laura@media.fastclick[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@mediaplex[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@mediaservices.myspace[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@overture[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@revenue[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@revsci[2].txt
    C:\Documents and Settings\Laura\Cookies\laura@server.cpmstar[2].txt
    C:\Documents and Settings\Laura\Cookies\laura@serving-sys[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@statcounter[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@track.adform[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@tradedoubler[2].txt
    C:\Documents and Settings\Laura\Cookies\laura@trafficmp[2].txt
    C:\Documents and Settings\Laura\Cookies\laura@www.googleadservices[1].txt
    C:\Documents and Settings\Laura\Cookies\laura@www.macromedia[1].txt
    C:\Documents and Settings\Line\Cookies\line@2o7[1].txt
    C:\Documents and Settings\Line\Cookies\line@atdmt[1].txt
    C:\Documents and Settings\Line\Cookies\line@bs.serving-sys[2].txt
    C:\Documents and Settings\Line\Cookies\line@fastclick[2].txt
    C:\Documents and Settings\Line\Cookies\line@media.fastclick[1].txt
    C:\Documents and Settings\Line\Cookies\line@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Line\Cookies\line@serving-sys[2].txt
    C:\Documents and Settings\Line\Cookies\line@tripod[1].txt

***********
GMER 1.0.12.12011 - http://www.gmer.net
Rootkit scan 2007-01-30 22:07:43
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.12 ----

SSDT    8212F8B8                                                                                                                        ZwConnectPort
SSDT    82053908                                                                                                                        ZwOpenProcess
SSDT    820539D0                                                                                                                        ZwOpenThread

---- Devices - GMER 1.0.12 ----

Device  \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL                                                                        [F8778A08] sdcplh.sys
Device  \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL                                                                [F8778684] sdcplh.sys
Device  \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_DEVICE_CONTROL                                                                [F8778A08] sdcplh.sys
Device  \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_INTERNAL_DEVICE_CONTROL                                                      [F8778684] sdcplh.sys
Device  \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL                                                                        [F8778A08] sdcplh.sys
Device  \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL                                                                [F8778684] sdcplh.sys
Device  \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_DEVICE_CONTROL                                                                [F8778A08] sdcplh.sys
Device  \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_INTERNAL_DEVICE_CONTROL                                                      [F8778684] sdcplh.sys

---- Registry - GMER 1.0.12 ----

Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel                    Apartment
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@                                  C:\WINDOWS\system32\OLE32.DLL
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b  0xE2 0x63 0x26 0xF1 ...
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel                    Apartment
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@                                  C:\WINDOWS\system32\OLE32.DLL
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b  0x71 0x3B 0x04 0x66 ...
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel                    Apartment
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@                                  C:\WINDOWS\system32\OLE32.DLL
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016  0xFF 0x7C 0x85 0xE0 ...
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel                    Apartment
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@                                  C:\WINDOWS\system32\OLE32.DLL
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48  0x86 0x8C 0x21 0x01 ...
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel                    Apartment
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@                                  C:\WINDOWS\system32\OLE32.DLL
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472  0xCD 0x44 0xCD 0xB9 ...
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel                    Apartment
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@                                  C:\WINDOWS\system32\OLE32.DLL
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d  0xB0 0x18 0xED 0xA7 ...
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel                    Apartment
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@                                  C:\WINDOWS\system32\OLE32.DLL
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b  0x31 0x77 0xE1 0xBA ...
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel                    Apartment
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@                                  C:\WINDOWS\system32\OLE32.DLL
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d  0x01 0x3A 0x48 0xFC ...
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel                    Apartment
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@                                  C:\WINDOWS\system32\OLE32.DLL
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3  0xF6 0x0F 0x4E 0x58 ...
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel                    Apartment
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@                                  C:\WINDOWS\system32\OLE32.DLL
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b  0x3D 0xCE 0xEA 0x26 ...
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel                    Apartment
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@                                  C:\WINDOWS\system32\OLE32.DLL
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6  0xE3 0x0E 0x66 0xD5 ...
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel                    Apartment
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@                                  C:\WINDOWS\system32\OLE32.DLL
Reg    \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2  0x6C 0x43 0x2D 0x1E ...

---- Files - GMER 1.0.12 ----

ADS    C:\Documents and Settings\Anders\Skrivebord\Club Penguin.url:favicon                                                           
ADS    C:\Documents and Settings\Ejer\Foretrukne\www.myspace.com-andreashre.url:favicon                                               
ADS    C:\Programmer\Alletiders Nisse\start.url:favicon                                                                               

---- EOF - GMER 1.0.12 ----
Avatar billede drbest Nybegynder
30. januar 2007 - 22:15 #17
Logfile of HijackThis v1.99.1
Scan saved at 22:13:08, on 30-01-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Ahead\InCD\InCDsrv.exe
C:\Programmer\Fælles filer\Symantec Shared\ccProxy.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
C:\Programmer\Norton Internet Security\ISSVC.exe
C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
C:\Programmer\Fælles filer\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\Wtfunc.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programmer\Cisco Systems\VPN Client\cvpnd.exe
C:\Programmer\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\UStorSrv.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\HP\Digital Imaging\bin\hpqimzone.exe
C:\Programmer\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmer\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Documents and Settings\Ejer\Skrivebord\gamer\abc.exe
C:\WINDOWS\explorer.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\Ejer\Skrivebord\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmer\Fælles filer\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmer\Fælles filer\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Wintab Functions] C:\WINDOWS\system32\Wtfunc.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Programmer\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Programmer\Cisco Systems\VPN Client\ipsecdialer.exe
O4 - Global Startup: Firebird Server.lnk = C:\Programmer\aFirebird\Bin\fbguard.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: FirstClass® - {02011FE3-C22B-451d-9A25-BF4DBB38B8E7} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1138445231625
O16 - DPF: {9C196458-4145-46AF-8A77-1506878DFECA} (FirstClass® Control) - ftp://ftp.sektornet.dk/sektornet/skolekom/fcplugin.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netpension.danicapension.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O18 - Protocol: fcp - {B3133379-8789-4D3C-9593-C205D7297501} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Automatisk LiveUpdate-planlægning - Symantec Corporation - C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programmer\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programmer\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programmer\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programmer\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmer\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FLLESF~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) -  - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
Avatar billede ejvindh Ekspert
31. januar 2007 - 11:09 #18
Der er stadig ikke rigtig nogle tegn på infektion på din computer. Og den er efterhånden blevet undersøgt på kryds og tværs, uden de mindste tegn på skidt. Kan du sige noget om, i hvilken sammenhæng det sker. Og hvor ofte det sker?

Prøv også lige lave en log med winpfind2:
Hent WinPfind2 herfra:
http://download.bleepingcomputer.com/oldtimer/winpfind2.exe

Dobbeltklik på filen, og klik på Extract, for at pakke programmet ud. Så dukker der en ny mappe op på skrivebordet, der hedder WinPfind2. Inde i denne mappe skal du klikke på Winpfind2.exe.

Under "Registry options" skal du klikke på "Remove all". Under "File options" skal du også klikke på "Remove all"
Ovre til højre skal du markere "Security.def"

Klik herefter på "Run all scans". Så vil computeren blive scannet. Når der nederst til venstre står "Scans Complete!", klikker du på "Simple report", hvorefter der vil åbnes en logfil, som du skal lægge herind.
Avatar billede drbest Nybegynder
31. januar 2007 - 18:14 #19
Det sker stort set hele tiden - og hver gang jeg har startet maskinen på ny, er firewallen inaktiveret. Her er den ønskede log:
Logfile created on: 31-01-2007 18:11:47
WinPFind2 by OldTimer - Version 1.0.15    Folder = C:\Documents and Settings\Ejer\Skrivebord\WinPFind2\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)


< Processes (Non-Microsoft Only) >
c:\programmer\symantec\liveupdate\aluschedulersvc.exe - (Symantec Corporation )
c:\programmer\fælles filer\symantec shared\ccapp.exe - (Symantec Corporation )
c:\programmer\fælles filer\symantec shared\ccevtmgr.exe - (Symantec Corporation )
c:\programmer\fælles filer\symantec shared\ccproxy.exe - (Symantec Corporation )
c:\programmer\fælles filer\symantec shared\ccsetmgr.exe - (Symantec Corporation )
c:\programmer\cisco systems\vpn client\cvpnd.exe - (Cisco Systems, Inc. )
c:\windows\system32\hkcmd.exe - (Intel Corporation )
c:\programmer\hp\digital imaging\bin\hpqimzone.exe - (Hewlett-Packard Co. )
c:\programmer\hp\digital imaging\bin\hpqste08.exe - (Hewlett-Packard Co. )
c:\programmer\hp\digital imaging\bin\hpqtra08.exe - (Hewlett-Packard Co. )
c:\programmer\hp\digital imaging\product assistant\bin\hprblog.exe - (Hewlett-Packard Co. )
c:\programmer\hp\hp software update\hpwuschd2.exe - (Hewlett-Packard Co. )
c:\windows\system32\igfxtray.exe - (Intel Corporation )
c:\programmer\ahead\incd\incdsrv.exe - (Nero AG )
c:\programmer\ipod\bin\ipodservice.exe - (Apple Computer, Inc. )
c:\programmer\cisco systems\vpn client\ipsecdialer.exe - (Cisco Systems, Inc. )
c:\programmer\norton internet security\issvc.exe - (Symantec Corporation )
c:\programmer\itunes\ituneshelper.exe - (Apple Computer, Inc. )
c:\programmer\java\jre1.5.0_10\bin\jusched.exe - (Sun Microsystems, Inc. )
c:\programmer\norton internet security\norton antivirus\navapsvc.exe - (Symantec Corporation )
c:\programmer\cyberlink\powerdvd\pdvdserv.exe - (Cyberlink Corp. )
c:\programmer\quicktime\qttask.exe - (Apple Computer, Inc. )
c:\windows\system32\slserv.exe - (  )
c:\programmer\fælles filer\symantec shared\sndsrvc.exe - (Symantec Corporation )
c:\windows\soundman.exe - (Realtek Semiconductor Corp. )
c:\programmer\fælles filer\symantec shared\spbbc\spbbcsvc.exe - (Symantec Corporation )
c:\programmer\superantispyware\superantispyware.exe - (SUPERAntiSpyware.com )
c:\programmer\fælles filer\symantec shared\ccpd-lc\symlcsvc.exe - (Symantec Corporation )
c:\windows\system32\ustorsrv.exe - (OTi )
c:\documents and settings\ejer\skrivebord\winpfind2\winpfind2.exe - (OldTimer Tools )
c:\windows\system32\wtfunc.exe - (ACE CAD Enterprise Co., Ltd. )

< Services (Non-Microsoft Only) >
Automatisk LiveUpdate-planlægning (Automatisk LiveUpdate-planlægning) - "C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec Event Manager (ccEvtMgr) - "C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec Network Proxy (ccProxy) - "C:\Programmer\Fælles filer\Symantec Shared\ccProxy.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec Settings Manager (ccSetMgr) - "C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Cisco Systems, Inc. VPN Service (CVPND) - "C:\Programmer\Cisco Systems\VPN Client\cvpnd.exe" (Cisco Systems, Inc. ) [Automatic - Running - Win32, running in it's own process]
InCD Helper (InCDsrv) - C:\Programmer\Ahead\InCD\InCDsrv.exe (Nero AG ) [Automatic - Running - Win32, running in it's own process]
iPod Service (iPod Service) - "C:\Programmer\iPod\bin\iPodService.exe" (Apple Computer, Inc. ) [On Demand - Running - Win32, running in it's own process]
ISSvc (ISSVC) - "C:\Programmer\Norton Internet Security\ISSVC.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - "C:\Programmer\Norton Internet Security\Norton AntiVirus\navapsvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
SmartLinkService (SLService) - slserv.exe (  ) [Automatic - Running - Win32, running in it's own process]
Symantec Network Drivers Service (SNDSrvc) - "C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec SPBBCSvc (SPBBCSvc) - "C:\Programmer\Fælles filer\Symantec Shared\SPBBC\SPBBCSvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec Core LC (Symantec Core LC) - "C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
UStorage Server Service (UStorage Server Service) - C:\WINDOWS\system32\UStorSrv.exe /Service (OTi ) [Automatic - Running - Win32, running in it's own process]

< Add On's >

>>>>Output for AddOn file Security.def<<<<
Avatar billede forevernewbie Nybegynder
31. januar 2007 - 18:23 #20
Jeg skal ikke blande mig i logsene, nu hvor Ejvindh er godt i gang, men det kan tænkes at dit Norton, som jo har en firewall, selv disabler Windows firewall, for at undgå konflikter. Visse firewalls gør det, men om Norton også gør det, ved jeg ikke. Men det kunne være en forklaring på "fænomenet".
Avatar billede ejvindh Ekspert
31. januar 2007 - 21:24 #21
Winpfind2-loggen giver ikke så meget, da den vigtige del af loggen tilsyneladende er blevet skåret væk (det der står efter ">>>>Output for AddOn file Security.def<<<<"). Prøv derfor at se om der ikke står noget efter denne linie i logfilen (findes inde i winpfind2-mappen).

Derudover hælder jeg nok også til at forevernewbie kunne have en pointe. Jeg har også været ved at overveje om det kunne være en købe-firewall, der afinstallerede den indbyggede. Vil du sige at Norton's "besked" er en advarsel eller en oplysning? Og bruger du den installerede Norton-firewall?
Avatar billede drbest Nybegynder
31. januar 2007 - 21:32 #22
Her skulle det hele så være - undskyld!
Logfile created on: 31-01-2007 18:11:47
WinPFind2 by OldTimer - Version 1.0.15    Folder = C:\Documents and Settings\Ejer\Skrivebord\WinPFind2\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)


< Processes (Non-Microsoft Only) >
c:\programmer\symantec\liveupdate\aluschedulersvc.exe - (Symantec Corporation )
c:\programmer\fælles filer\symantec shared\ccapp.exe - (Symantec Corporation )
c:\programmer\fælles filer\symantec shared\ccevtmgr.exe - (Symantec Corporation )
c:\programmer\fælles filer\symantec shared\ccproxy.exe - (Symantec Corporation )
c:\programmer\fælles filer\symantec shared\ccsetmgr.exe - (Symantec Corporation )
c:\programmer\cisco systems\vpn client\cvpnd.exe - (Cisco Systems, Inc. )
c:\windows\system32\hkcmd.exe - (Intel Corporation )
c:\programmer\hp\digital imaging\bin\hpqimzone.exe - (Hewlett-Packard Co. )
c:\programmer\hp\digital imaging\bin\hpqste08.exe - (Hewlett-Packard Co. )
c:\programmer\hp\digital imaging\bin\hpqtra08.exe - (Hewlett-Packard Co. )
c:\programmer\hp\digital imaging\product assistant\bin\hprblog.exe - (Hewlett-Packard Co. )
c:\programmer\hp\hp software update\hpwuschd2.exe - (Hewlett-Packard Co. )
c:\windows\system32\igfxtray.exe - (Intel Corporation )
c:\programmer\ahead\incd\incdsrv.exe - (Nero AG )
c:\programmer\ipod\bin\ipodservice.exe - (Apple Computer, Inc. )
c:\programmer\cisco systems\vpn client\ipsecdialer.exe - (Cisco Systems, Inc. )
c:\programmer\norton internet security\issvc.exe - (Symantec Corporation )
c:\programmer\itunes\ituneshelper.exe - (Apple Computer, Inc. )
c:\programmer\java\jre1.5.0_10\bin\jusched.exe - (Sun Microsystems, Inc. )
c:\programmer\norton internet security\norton antivirus\navapsvc.exe - (Symantec Corporation )
c:\programmer\cyberlink\powerdvd\pdvdserv.exe - (Cyberlink Corp. )
c:\programmer\quicktime\qttask.exe - (Apple Computer, Inc. )
c:\windows\system32\slserv.exe - (  )
c:\programmer\fælles filer\symantec shared\sndsrvc.exe - (Symantec Corporation )
c:\windows\soundman.exe - (Realtek Semiconductor Corp. )
c:\programmer\fælles filer\symantec shared\spbbc\spbbcsvc.exe - (Symantec Corporation )
c:\programmer\superantispyware\superantispyware.exe - (SUPERAntiSpyware.com )
c:\programmer\fælles filer\symantec shared\ccpd-lc\symlcsvc.exe - (Symantec Corporation )
c:\windows\system32\ustorsrv.exe - (OTi )
c:\documents and settings\ejer\skrivebord\winpfind2\winpfind2.exe - (OldTimer Tools )
c:\windows\system32\wtfunc.exe - (ACE CAD Enterprise Co., Ltd. )

< Services (Non-Microsoft Only) >
Automatisk LiveUpdate-planlægning (Automatisk LiveUpdate-planlægning) - "C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec Event Manager (ccEvtMgr) - "C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec Network Proxy (ccProxy) - "C:\Programmer\Fælles filer\Symantec Shared\ccProxy.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec Settings Manager (ccSetMgr) - "C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Cisco Systems, Inc. VPN Service (CVPND) - "C:\Programmer\Cisco Systems\VPN Client\cvpnd.exe" (Cisco Systems, Inc. ) [Automatic - Running - Win32, running in it's own process]
InCD Helper (InCDsrv) - C:\Programmer\Ahead\InCD\InCDsrv.exe (Nero AG ) [Automatic - Running - Win32, running in it's own process]
iPod Service (iPod Service) - "C:\Programmer\iPod\bin\iPodService.exe" (Apple Computer, Inc. ) [On Demand - Running - Win32, running in it's own process]
ISSvc (ISSVC) - "C:\Programmer\Norton Internet Security\ISSVC.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - "C:\Programmer\Norton Internet Security\Norton AntiVirus\navapsvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
SmartLinkService (SLService) - slserv.exe (  ) [Automatic - Running - Win32, running in it's own process]
Symantec Network Drivers Service (SNDSrvc) - "C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec SPBBCSvc (SPBBCSvc) - "C:\Programmer\Fælles filer\Symantec Shared\SPBBC\SPBBCSvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
Symantec Core LC (Symantec Core LC) - "C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe" (Symantec Corporation ) [Automatic - Running - Win32, running in it's own process]
UStorage Server Service (UStorage Server Service) - C:\WINDOWS\system32\UStorSrv.exe /Service (OTi ) [Automatic - Running - Win32, running in it's own process]

< Add On's >

>>>>Output for AddOn file Security.def<<<<

KEY - HKLM\SOFTWARE\Microsoft\Security Center - Include SUBKEYS
HKLM\SOFTWARE\Microsoft\Security Center -
Security Center\\AntiVirusDisableNotify - 0
Security Center\\FirewallDisableNotify - 0
Security Center\\UpdatesDisableNotify - 0
Security Center\\AntiVirusOverride - 0
Security Center\\FirewallOverride - 0
Security Center\\FirstRunDisabled - 1
Security Center\Monitoring -
Security Center\Monitoring\AhnlabAntiVirus -
Security Center\Monitoring\ComputerAssociatesAntiVirus -
Security Center\Monitoring\KasperskyAntiVirus -
Security Center\Monitoring\McAfeeAntiVirus -
Security Center\Monitoring\McAfeeFirewall -
Security Center\Monitoring\PandaAntiVirus -
Security Center\Monitoring\PandaFirewall -
Security Center\Monitoring\SophosAntiVirus -
Security Center\Monitoring\SymantecAntiVirus -
Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring - 1
Security Center\Monitoring\SymantecFirewall -
Security Center\Monitoring\SymantecFirewall\\DisableMonitoring - 1
Security Center\Monitoring\TinyFirewall -
Security Center\Monitoring\TrendAntiVirus -
Security Center\Monitoring\TrendFirewall -
Security Center\Monitoring\ZoneLabsFirewall -

KEY - HKLM\SYSTEM\CurrentControlSet\Services\BITS - Include SUBKEYS
HKLM\SYSTEM\CurrentControlSet\Services\BITS -
BITS\\Type - 32
BITS\\Start - 3
BITS\\ErrorControl - 1
BITS\\ImagePath - %SystemRoot%\System32\svchost.exe -k netsvcs
BITS\\DisplayName - Tjenesten Background Intelligent Transfer
BITS\\DependOnService - Rpcss;
BITS\\DependOnGroup -
BITS\\ObjectName - LocalSystem
BITS\\Description - Overfører filer i baggrunden ved hjælp af inaktiv netværksbåndbredde. Hvis tjenesten stoppes, kan funktioner som Windows Update og MSN Explorer ikke automatisk hente programmer og andre oplysninger. Hvis denne tjeneste deaktiveres, kan tjenester, der er direkte afhængige af den, muligvis ikke overføre filer, hvis tjenesterne ikke har en fejlsikker mekanisme til at overføre filer direkte gennem Internet Explorer, når BITS er blevet deaktiveret.
BITS\\FailureActions - 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 68 E3 0C 00 01 00 00 00 60 EA 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 60 EA 00 00
BITS\Parameters -
BITS\Parameters\\ServiceDll - C:\WINDOWS\System32\qmgr.dll
BITS\Security -
BITS\Security\\Security - 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
BITS\Enum -
BITS\Enum\\0 - Root\LEGACY_BITS\0000
BITS\Enum\\Count - 1
BITS\Enum\\NextInstance - 1

KEY - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess - Include SUBKEYS
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess -
SharedAccess\\DependOnGroup -
SharedAccess\\DependOnService - Netman;WinMgmt;
SharedAccess\\Description - Giver mulighed for adresseoversættelse, adressering, navnefortolkning og/eller tjenester til forebyggelse af uautoriseret brug for netværksadresser på et hjemmenetværk eller mindre kontornetværk.
SharedAccess\\DisplayName - Windows Firewall/Deling af Internetforbindelse
SharedAccess\\ErrorControl - 1
SharedAccess\\ImagePath - %SystemRoot%\system32\svchost.exe -k netsvcs
SharedAccess\\ObjectName - LocalSystem
SharedAccess\\Start - 2
SharedAccess\\Type - 32
SharedAccess\Enum -
SharedAccess\Enum\\0 - Root\LEGACY_SHAREDACCESS\0000
SharedAccess\Enum\\Count - 1
SharedAccess\Enum\\NextInstance - 1
SharedAccess\Epoch -
SharedAccess\Epoch\\Epoch - 637
SharedAccess\Parameters -
SharedAccess\Parameters\\ServiceDll - %SystemRoot%\System32\ipnathlp.dll
SharedAccess\Parameters\FirewallPolicy -
SharedAccess\Parameters\FirewallPolicy\DomainProfile -
SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications -
SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -
SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe - %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
SharedAccess\Parameters\FirewallPolicy\StandardProfile -
SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall - 0
SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions - 1
SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications - 0
SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications -
SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -
SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe - %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
SharedAccess\Setup -
SharedAccess\Setup\\ServiceUpgrade - 1
SharedAccess\Setup\InterfacesUnfirewalledAtUpdate -
SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All - 1

KEY - HKLM\SYSTEM\CurrentControlSet\Services\wuauserv - Include SUBKEYS
HKLM\SYSTEM\CurrentControlSet\Services\wuauserv -
wuauserv\\Type - 32
wuauserv\\Start - 2
wuauserv\\ErrorControl - 1
wuauserv\\ImagePath - %systemroot%\system32\svchost.exe -k netsvcs
wuauserv\\DisplayName - Automatiske opdateringer
wuauserv\\ObjectName - LocalSystem
wuauserv\\Description - Giver mulighed for overførsel og installation af vigtige Windows-opdateringer. Hvis tjenesten er deaktiveret, kan operativsystemet opdateres manuelt på webstedet Windows Update.
wuauserv\Parameters -
wuauserv\Parameters\\ServiceDll - C:\WINDOWS\system32\wuauserv.dll
wuauserv\Security -
wuauserv\Security\\Security - 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
wuauserv\Enum -
wuauserv\Enum\\0 - Root\LEGACY_WUAUSERV\0000
wuauserv\Enum\\Count - 1
wuauserv\Enum\\NextInstance - 1

< End of report >
Avatar billede ejvindh Ekspert
31. januar 2007 - 22:36 #23
OK, nu skal du bare høre. Jeg har været ved at søge lidt på nettet på dit problem, og meget tyder på at forevernewbie havde ret. Hvis du bruger Nortons firewall vil jeg egentlig foreslå dig bare at slå sikkerheds-centerets advarsel om at den indbyggede firewall ikke er aktiv fra.

Du kan læse lidt om Norton og indvirkningen på andre firewalls på disse links:
http://www.pcreview.co.uk/forums/thread-531696.php
http://forum.kaspersky.com/lofiversion/index.php/t10797.html
Avatar billede drbest Nybegynder
01. februar 2007 - 21:11 #24
hvis nu både forevernewbie og ejvindh lægger et svar - kan jeg så ikke give jer fuld point begge. Det har I fortjent ! Tusind tak for hjælpen :-)
Avatar billede ejvindh Ekspert
01. februar 2007 - 21:47 #25
Ok, der kommer svar her. Var det norton der blandede sig?
Avatar billede drbest Nybegynder
01. februar 2007 - 22:27 #26
jeg tror det - men er ikke sikker. Efter at have deaktiveret nortons firewall, opstod probl. stadig. Nu lader jeg bare Norton have min fulde tillid...
Tak for hjælpen !!!
Avatar billede ejvindh Ekspert
02. februar 2007 - 09:24 #27
Du er velkommen. Det er ikke unormalt at Norton stadig spærrer efter at den er afinstalleret. Norton er lidt berygtet for ikke at rydde så godt op efter sig.

Uden at være ekspert på firewalls tror jeg nok jeg tør sige, at du er bedre hjulpen med Norton fremfor den indbyggede. Og det er egentlig heller slet ikke hensigtsmæssigt at have begge aktiveret :-)

Forevernewbie: Du kan lige lægge et svar her:
http://www.eksperten.dk/spm/759958
Avatar billede drbest Nybegynder
02. februar 2007 - 12:53 #28
Jeg synes nu i begge fortjener 60. Hvordan gør jeg det?
Avatar billede ejvindh Ekspert
02. februar 2007 - 20:45 #29
Det synes jeg ikke du skal bøvle videre med. Jeg er tilfreds med 30, og det er jeg sikker på at forevernewbie også er :-)
Avatar billede forevernewbie Nybegynder
02. februar 2007 - 22:20 #30
Helt sikkert :)
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview

Flere spørgsmål fra Firewalls kategorien

Titel Indlæg Oprettet Seneste aktivitet
Fejlmeddelse i Easy Firewall Af cyperbent i Firewalls 22 21/01/202418:54 08/03/202415:31
Abelssoft EasyFirewall Af valby i Firewalls 9 12/10/202319:21 13/10/202319:17
Firewals og antivirus med videre Af mogens8000 i Firewalls 4 24/06/202213:54 24/06/202215:30
Din internetadgang er blokeret Af sigyn i Firewalls 1 04/01/202218:04 04/01/202220:25
Den afsatte tid til at gennemføre dit køb, er desværre udløbet. Men dit produkt er sandsynligvis stadig tilgængeligt i sortimentet. Forsøg gerne igen" Af gh0stry i Firewalls 3 25/09/202114:52 25/09/202120:39
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester



Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I går 17:16 Optimer MySql table med ASP Af poulmadsen i ASP
I går 09:27 Stegkode scanner med funktionsknap Af kulawig i Andet hardware
I går 08:47 hjælp til film Af Carmen i Fri debat
25/0418:19 Fjerne adgangskode Af Geo" søster i Andet sikkerhed
25/0416:44 sletning af en årgang billeder i dropbox Af valsbol i Cloudtjenester
White papers
Flere white papers »


Premium
Teaser billede
Køber 25.000 Copilot-licenser af Microsoft i kæmpe-aftale - vil investere milliarder i AI
Læs mere »
"Når jeg engang ikke er her mere, så vil jeg gerne huskes som generøs lige som ham"
Det danske it-lovsystem skal moderniseres: Styrelse søger ene-leverandør til 10-årig kæmpe-kontrakt
7N fra København runder halvanden milliard kroner i omsætning: Beskæftiger nu 1.700 konsulenter
Se alle »
Computerworld
Teaser billede
På tur i BMW's mægtigste elbil: Sådan er livet ombord i en monumental million-ellert
Læs mere »
Her er Danmarks fem bedste CIO’er lige nu: Se de fem nominerede til prisen som Årets CIO 2024
Porno-giganterne Pornhub og XVideos skal indlevere materiale til EU
Test: Denne bærbar beviser, hvorfor man ikke skal handle laptop alene ud fra teknikbladet
Se alle »
CIO
Teaser billede
Nu kan mange flere opgradere deres gamle Windows 10-pc'er til Windows 11: Se om du kan opgradere
Læs mere »
Her er Danmarks fem bedste CIO’er lige nu: Se de fem nominerede til prisen som Årets CIO 2024
På denne dato er det slut med udbredte versioner af Office: Microsoft vil have dig over på de dyrere E3-licenser
Microsoft skruer op for CPU-krav til den næste version af Windows 11: Færre brugere kan nu opdatere
Se alle »
Job & Karriere
Teaser billede
NNIT flytter til det centrale København: Her er selskabets nye hovedkvarter
Læs mere »
Knap 40 procent af disse it-folk tjener tjener mindst 57.000 kroner om måneden
Så meget tjener dine kollegaer: Her er alle data fra Computerworlds store it-lønstatistik for 2024
Medarbejderne fik udleveret badetøfler ved indflytningen: Kom med inden for i IBM Danmarks nye topmoderne hovedkontor
Se alle »
White paper
Teaser billede
SASE: Træf det rette valg – første gang
Læs mere »
Cybersikkerhed: Skær antallet af alarmer ned fra tusindvis til blot en håndfuld
Guide: Sådan udvikler du en moderne netværksstrategi
Få mere ud af din cloudinfrastruktur og gør op med de konstant stigende omkostninger
Se alle »

Events
Flere events »
White papers
Flere white papers »
IT-Kurser
Se alle vores it-kurser »