Hent "Malwarebytes' Anti-Malware" her

Eller her

Installer og start programmet, klik på fanen opdater, klik Tjek for opdatering, lav "Hurtig skan" under fanebladet "skanner".
Bagefter klik på "vis resultater", tryk på "Fjern det valgte" og send loggen herind sammen med en ny hijackthis log

Mht.: Vista og Windows 7 - højreklik på filen - Kør som Administrator.

NB Når du opdaterer Malwarebytes, så klik på opdater til den skriver at der ikke er flere opdateringer.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4329

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

20-07-2010 13:29:55
mbam-log-2010-07-20 (13-29-55).txt

Skanningstype: Hurtig skanning
Objekter skannet: 135098
Tid gået: 6 minut(ter), 16 sekund(er)

Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 4
Registreringsdatabaseværdier Inficeret: 0
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 2
Inficerede Filer: 4

Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret:
HKEY_CURRENT_USER\SOFTWARE\W34BCG2GRJ (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\JDK5SWFMZY (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registreringsdatabaseværdier Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)

Inficerede Mapper:
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811 (Trojan.Agent) -> Quarantined and deleted successfully.

Inficerede Filer:
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\Desktop.ini (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:31:03, on 20-07-2010
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.17037)
Boot mode: Normal

Running processes:
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe
C:\Program Files\Eraser\Eraser.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\schtasks.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
C:\Users\Jan\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ (...)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bold.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/ (...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ (...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ (...)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/ (...)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Live! Central 2] "C:\Program Files\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe" /mode2
O4 - HKLM\..\Run: [Eraser] "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: HP Smart markering - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O15 - Trusted Zone: *.danskebank.dk
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:  C:\Users\Jan\AppData\Roaming\TEAMSP~1\MSWIND~1\msftldr.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 12529 bytes

*SUK*
Ikke opdateret Vista / ServicePack ?
Ikke virkende / ikke opdateret Sikkerhedsprogram ?
Og 'leger' med BitComet ?

Joooo - der er nogle mistænkelige elementer!!!

<f-arn>: Just Go' For It ... *S*

desværre så lærer man ofte ikke før det er forsent.. er aldrig blevet "hacked" før.. men det er jeg så nu..

Hent og gem Combofix på dit skrivebord:

http://download.bleepingcomputer.com/ (...)

Højreklik på skrivebordet og vælg ny->tekstdokument og kopier det fremhævede ind og gem filen som CFScript


Killall::
Snapshot::


Da Combofix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/ (...)

Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt som ligger her C:\ Combofix.txt

Indholdet af denne fil må du gerne lægge herind.

ComboFix 10-07-19.04 - Jan 20-07-2010  14:45:46.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6000.0.1252.45.1030.18.3070.2348 [GMT 2:00]
Kører fra: c:\users\Jan\Desktop\ComboFix.exe
Kommandoer benyttet :: c:\users\Jan\Desktop\CFScript.txt
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Dannede nyt systemgendannelsespunkt
.
Følgende filer blev deaktiveret under scanning:
c:\users\Jan\AppData\Roaming\TEAMSP~1\MSWIND~1\msftldr.dll


(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.

Inficeret kopi af c:\windows\system32\drivers\ndis.sys blev fundet og desinficeret
Genskabt kopi fra - Kitty had a snack :p
.
(((((((((((((((((((((((((((((  Filer skabt fra 2010-06-20 til 2010-07-20  )))))))))))))))))))))))))))))))))))
.

2010-07-20 12:13 . 2010-07-20 12:13    --------    d-----w-    c:\programdata\Office Genuine Advantage
2010-07-20 10:48 . 2010-07-20 10:48    --------    d-----w-    c:\program files\CCleaner
2010-07-19 16:27 . 2010-07-19 16:27    --------    d-----w-    c:\users\Jan\AppData\Roaming\Malwarebytes
2010-07-19 16:26 . 2010-04-29 13:39    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-19 16:26 . 2010-07-19 16:27    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2010-07-19 16:26 . 2010-07-19 16:26    --------    d-----w-    c:\programdata\Malwarebytes
2010-07-19 16:26 . 2010-04-29 13:39    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-07-19 14:40 . 2010-07-12 08:55    15880    ----a-w-    c:\windows\system32\lsdelete.exe
2010-07-19 14:14 . 2010-07-19 14:14    --------    d-----w-    c:\users\Jan\AppData\Local\Sunbelt Software
2010-07-19 14:10 . 2010-07-19 14:10    --------    dc-h--w-    c:\programdata\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
2010-07-08 20:09 . 2010-07-08 20:09    --------    d-----w-    c:\program files\Common Files\Skype
2010-06-25 12:09 . 2010-06-25 12:09    --------    d-----w-    c:\program files\7-Zip
2010-06-24 16:24 . 2009-05-29 21:37    205824    ----a-w-    c:\windows\system32\xvidvfw.dll
2010-06-24 16:24 . 2009-05-29 21:31    881664    ----a-w-    c:\windows\system32\xvidcore.dll
2010-06-24 16:24 . 2006-04-02 12:47    630784    ----a-w-    c:\windows\system32\vp7vfw.dll
2010-06-24 16:24 . 2004-05-18 18:16    39936    ----a-w-    c:\windows\system32\huffyuv.dll
2010-06-24 16:24 . 2004-01-25 16:18    217088    ----a-w-    c:\windows\system32\yv12vfw.dll
2010-06-24 16:24 . 2010-06-02 08:00    108032    ----a-w-    c:\windows\system32\ff_vfw.dll
2010-06-24 15:16 . 2010-06-24 15:16    --------    d-----w-    c:\users\Jan\AppData\Roaming\GRETECH
2010-06-24 15:14 . 2010-06-24 15:14    --------    d-----w-    c:\program files\GRETECH

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-20 12:49 . 2008-01-08 21:11    80082    ----a-w-    c:\windows\system32\perfc006.dat
2010-07-20 12:49 . 2008-01-08 21:11    485362    ----a-w-    c:\windows\system32\perfh006.dat
2010-07-20 12:40 . 2010-05-21 19:37    0    ----a-w-    c:\windows\system32\Access.dat
2010-07-20 10:53 . 2010-05-21 17:27    --------    d-----w-    c:\program files\Shiny
2010-07-20 10:53 . 2008-01-08 13:14    --------    d--h--w-    c:\program files\InstallShield Installation Information
2010-07-20 10:49 . 2010-02-23 18:24    --------    d-----w-    c:\users\Jan\AppData\Roaming\Media Player Classic
2010-07-20 10:49 . 2009-03-10 20:26    --------    d-----w-    c:\programdata\Spybot - Search & Destroy
2010-07-20 10:21 . 2008-03-27 05:56    680    ----a-w-    c:\users\Jan\AppData\Local\d3d9caps.dat
2010-07-19 14:13 . 2008-08-01 12:05    --------    d-----w-    c:\program files\Google
2010-07-19 03:43 . 2008-03-26 20:41    --------    d-----w-    c:\program files\SUPERAntiSpyware
2010-07-18 20:47 . 2010-07-18 20:47    49152    ----a-w-    c:\users\Jan\AppData\Roaming\teamspeak2\mswindrv26\msftcore.dll
2010-07-18 20:47 . 2010-07-18 20:47    40960    ----a-w-    c:\users\Jan\AppData\Roaming\teamspeak2\mswindrv26\msfteml.dll
2010-07-18 20:47 . 2010-07-18 20:47    28672    ----a-w-    c:\users\Jan\AppData\Roaming\teamspeak2\mswindrv26\msftldr.dll
2010-07-18 20:47 . 2010-07-18 20:47    2560    ----a-w-    c:\users\Jan\AppData\Roaming\teamspeak2\mswindrv26\msftdm32.exe
2010-07-18 20:47 . 2010-07-18 20:47    2560    ----a-w-    c:\users\Jan\AppData\Roaming\teamspeak2\mswindrv26\msftdm.exe
2010-07-18 20:47 . 2010-07-18 20:47    16384    ----a-w-    c:\users\Jan\AppData\Roaming\teamspeak2\mswindrv26\msftstp.exe
2010-07-18 20:47 . 2008-09-09 19:15    --------    d-----w-    c:\users\Jan\AppData\Roaming\teamspeak2
2010-07-18 20:27 . 2009-09-15 05:36    --------    d-----w-    c:\users\Jan\AppData\Roaming\vlc
2010-07-16 01:02 . 2008-09-23 15:50    --------    d-----w-    c:\programdata\Microsoft Help
2010-07-12 08:56 . 2010-07-19 14:10    2979280    -c--a-w-    c:\programdata\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}\Ad-AwareInstall.exe
2010-07-12 08:55 . 2010-06-07 23:09    64288    ----a-w-    c:\windows\system32\drivers\Lbd.sys
2010-07-09 14:04 . 2008-05-20 16:34    --------    d-----w-    c:\users\Jan\AppData\Roaming\Skype
2010-07-09 14:00 . 2008-05-20 16:35    --------    d-----w-    c:\users\Jan\AppData\Roaming\skypePM
2010-07-04 14:56 . 2010-03-09 15:00    439816    ----a-w-    c:\users\Jan\AppData\Roaming\Real\Update\setup3.10\setup.exe
2010-06-30 08:41 . 2009-08-20 04:38    --------    d-----w-    c:\programdata\Blizzard Entertainment
2010-06-24 16:48 . 2010-05-21 17:48    --------    dc-h--w-    c:\programdata\{67C33A62-5B1D-43D1-9600-16006F36EB2B}
2010-06-24 16:25 . 2010-02-23 18:22    --------    d-----w-    c:\program files\K-Lite Codec Pack
2010-06-24 15:17 . 2010-06-24 15:17    501936    ----a-w-    c:\programdata\Google\Google Toolbar\Update\gtb42A0.tmp.exe
2010-06-10 11:14 . 2010-06-10 11:14    --------    d-----w-    c:\users\Jan\AppData\Roaming\ACD Systems
2010-06-10 11:11 . 2010-06-10 11:11    --------    d-----w-    c:\program files\Common Files\ACD Systems
2010-06-10 11:11 . 2010-06-10 11:11    --------    d-----w-    c:\programdata\ACD Systems
2010-06-10 11:11 . 2010-06-10 11:11    --------    d-----w-    c:\program files\ACD Systems
2010-06-10 06:37 . 2010-06-10 06:36    --------    d-----w-    c:\program files\Eraser
2010-06-05 10:09 . 2010-05-14 20:37    --------    d-----w-    c:\program files\Microsoft Silverlight
2010-05-23 10:16 . 2010-05-23 10:16    --------    d-----w-    c:\users\Jan\AppData\Roaming\PeerNetworking
2010-05-23 00:53 . 2010-05-21 19:36    --------    d-----w-    c:\users\Jan\AppData\Roaming\Tunngle
2010-05-23 00:53 . 2010-05-21 19:36    --------    d-----w-    c:\programdata\Tunngle
2010-05-22 17:35 . 2010-05-22 17:35    530    ----a-w-    c:\windows\eReg.dat
2010-05-22 06:57 . 2010-05-22 01:28    --------    d-----w-    c:\program files\Left 4 Dead 2
2010-05-21 23:16 . 2010-05-21 23:16    --------    d-----w-    c:\program files\Domination
2010-05-21 23:09 . 2010-05-21 23:09    --------    d-----w-    c:\program files\Death Rally
2010-05-21 19:39 . 2008-03-26 07:44    106872    ----a-w-    c:\users\Jan\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-21 19:37 . 2010-05-21 19:36    --------    d-----w-    c:\program files\Tunngle
2010-05-21 17:51 . 2010-05-21 17:51    --------    d-----w-    c:\users\Jan\AppData\Roaming\Stardock
2010-05-21 17:49 . 2010-05-21 17:49    --------    d-----w-    c:\programdata\Stardock
2010-05-21 17:48 . 2010-05-21 17:48    --------    d-----w-    c:\program files\Stardock Games
2010-05-21 14:34 . 2010-05-21 14:34    --------    d-----w-    c:\program files\Ubisoft
2010-05-21 12:14 . 2009-10-03 00:10    221568    ------w-    c:\windows\system32\MpSigStub.exe
2010-05-17 23:08 . 2010-05-17 23:08    95024    ----a-w-    c:\windows\system32\drivers\SBREDrv.sys
2010-05-17 23:06 . 2010-05-17 23:06    63488    ----a-w-    c:\users\Jan\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-05-17 23:06 . 2010-05-17 23:06    52224    ----a-w-    c:\users\Jan\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-05-17 23:06 . 2010-05-17 23:06    117760    ----a-w-    c:\users\Jan\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-05-04 05:59 . 2010-07-20 12:05    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-07-20 12:05    71680    ----a-w-    c:\windows\system32\iesetup.dll
2010-05-04 05:55 . 2010-07-20 12:05    109056    ----a-w-    c:\windows\system32\iesysprep.dll
2010-05-04 04:31 . 2010-07-20 12:05    133632    ----a-w-    c:\windows\system32\ieUnatt.exe
2008-01-08 21:45 . 2008-01-08 21:15    8192    --sha-w-    c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 1688872]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-05-13 26192168]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-07-19 2403568]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2006-11-02 191488]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-27 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-08 1006264]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 2213160]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-07-16 61440]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-08 305440]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-09-29 198160]
"Live! Central 2"="c:\program files\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe" [2009-10-14 426140]
"Eraser"="c:\progra~1\Eraser\Eraser.exe" [2010-04-10 979344]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2008-9-10 525664]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21    548352    ----a-w-    c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CurseClient]
2008-01-30 20:33    477696    ----a-w-    c:\program files\Curse\CurseClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-04-01 09:39    486856    ----a-w-    c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
2010-04-10 06:45    979344    ----a-w-    c:\program files\Eraser\Eraser.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-03-26 07:59    1232896    ----a-w-    c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 gupdate;Tjenesten Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-27 136176]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-07-12 1352832]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-08-21 143936]
R3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl.sys [2009-08-28 40448]
R3 V0520Vid;Creative Camera VF0520 Driver;c:\windows\system32\DRIVERS\V0520Vid.sys [2009-10-11 246240]
R3 vtany;vtany;c:\windows\vtany.sys [2009-10-07 19584]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2008-04-24 717296]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-07-12 64288]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-05-27 67656]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2010-03-23 704760]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12    REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt    REG_MULTI_SZ      hpqcxs08 hpqddsvc
.
Indhold af mappen 'Planlagte Opgaver'

2010-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-27 13:50]

2010-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-27 13:50]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.bold.dk/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki ... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Trusted Zone: danskebank.dk
FF - ProfilePath - c:\users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2009787&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - softonicen Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2009787&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
.
- - - - TOMME GENVEJE FJERNET - - - -

HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSConfigStartUp-Vidalia - c:\program files\Vidalia Bundle\Vidalia\vidalia.exe



**************************************************************************
scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer:

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.032"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ani"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bay"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bmp"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bw"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bwf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.caf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.caf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cel"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cr2"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.crw"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cs1"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cur"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dcr"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dcx"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dib"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.djv"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.djvu"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dng"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.emf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.eps"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.erf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fff"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.flc"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fli"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fpx"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.gif"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gsm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.gsm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.icl"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.icn"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ico"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.iff"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ilbm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.int"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.inta"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.iw4"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.j2c"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.j2k"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jfif"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jif"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jp2"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpc"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpe"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpeg"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpg"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpk"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpx"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.kar"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.lbm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.m15"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.m1a"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.m2a"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.m75"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.mos"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.mpv"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.mrw"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.nef"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.orf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pbm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pcd"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pct"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pcx"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pef"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pgm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pic"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pics"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pict"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pix"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.png"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ppm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.psd"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.psp"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.qcp"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.qtpf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.raf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ras"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.raw"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rgb"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rgba"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rle"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rsb"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sfil"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sgi"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sml"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sr2"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.srf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.swa"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.tga"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.thm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.tif"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.tiff"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ttc"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ttf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ulw"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v9o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.v9o"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v9p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.v9p"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v9pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.v9pf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.vfw"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.wbm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.wbmp"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.wmf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.xbm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.xif"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.xpm"
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\crypserv.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\windows\system32\WerCon.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Gennemført tid: 2010-07-20  15:07:33 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2010-07-20 13:07

Pre-Kørsel: 102.983.921.664 byte ledig
Post-Kørsel: 102.949.941.248 byte ledig

- - End Of File - - 7CCB88A2A3847DF21DDA516BD40C32A6

Deaktiver dit antivirus-program, kør en online scanning med ESET Online Scanner:
http://www.eset.com/ (...)

Du skal acceptere betingelserne for brug, og klik på Start.
Efter ActiveX Control er indlæst, vil det tage et par minutter for scanneren at blive klar.
Dernæst skal du sætte flueben i følgende felter:

Scan archives

under advanced settings
Scan for potentialy unwanted applications
Scan for potentially unsafe applications
enable anti-stealth technology

Klik på Start. Denne scanning kan tage et stykke tid, så vær tålmodig.
En log vil åbne, når scanningen er færdig.

(hvis ikke, skal du gå til C:\Programmer\EsetOnlineScanner\ og åbne filen Log.txt).

Kopier den herind i næste indlæg.

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=f377454f62a8e846bd890d5944dbb38c
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-07-20 06:39:00
# local_time=2010-07-20 08:39:00 (+0100, Rom, sommertid)
# country="Denmark"
# lang=1033
# osver=6.0.6000 NT
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 0 117173435 0 0
# compatibility_mode=8192 67108863 100 0 374 374 0 0
# scanned=266356
# found=13
# cleaned=12
# scan_time=10433
C:\Downloads\Microsoft Office 2007 Complete Third Edition\MS Office 2007.iso    probably a variant of Win32/Agent trojan (deleted - quarantined)    00000000000000000000000000000000    C
C:\Downloads\Nero 8 Ultra Edition 8.2.8.0+Keymaker\Nero-8.2.8.0_eng_trial.exe    Win32/Toolbar.AskSBar application (deleted - quarantined)    00000000000000000000000000000000    C
C:\fifa\rld-fif9.iso    probably a variant of Win32/Obfuscated trojan (deleted - quarantined)    00000000000000000000000000000000    C
C:\jan\VentriloMIX\Ventrilo 2.2.0.exe    probably a variant of Win32/Agent trojan (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
C:\Qoobox\Quarantine\C\Windows\system32\Drivers\ndis.sys.vir    Win32/Olmarik.ZC trojan (cleaned - quarantined)    00000000000000000000000000000000    C
C:\Users\Jan\AppData\Local\VirtualStore\Program Files\VentriloMIX\Ventrilo 2.2.0.$$A    probably a variant of Win32/Agent trojan (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
C:\Users\Jan\AppData\Local\VirtualStore\Program Files\VentriloMIX\Ventrilo 2.2.0.$$B    probably a variant of Win32/Agent trojan (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
C:\Users\Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\1dd6a40c-61c332db    a variant of Java/TrojanDownloader.Agent.NAN trojan (deleted - quarantined)    00000000000000000000000000000000    C
C:\Users\Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\1eff1eb1-560f8ecd    probably a variant of Win32/Agent trojan (deleted - quarantined)    00000000000000000000000000000000    C
C:\Users\Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\6bd9d49-4405b7da    multiple threats (deleted - quarantined)    00000000000000000000000000000000    C
C:\Users\Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\7dfd6a09-33402765    multiple threats (deleted - quarantined)    00000000000000000000000000000000    C
C:\Users\Public\Games\World of Warcraft\msvcr70.dll    a variant of Win32/PSW.WOW.NOW trojan (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys    Win32/Olmarik.ZC trojan (error while cleaning)    00000000000000000000000000000000    I

Hent og installer denne scanner:
http://kortlink.dk/ (...)

Start superantispyware, klik på Check for updates, når det er opdateret skal du lade det skanne din computer
(Fixed disk betyder harddisk)
Flyt prikken til Perform complete scan og klik på Næste, så kører scanningen.

Når den er færdig kommer der et vindue med en opsummering, klik på OK, klik så på næste og så på Udfør.

Der kommer et vindue med Quarantine and removal Complete, klik på OK, klik på Udfør.
Luk programmet, genstart normalt.

Start så superantispyware, klik på preferences, statistics/logs, view log. Indholdet af denne log må du gerne kopiere herind.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/21/2010 at 04:09 PM

Application Version : 4.40.1002

Core Rules Database Version : 5239
Trace Rules Database Version: 3051

Scan type      : Complete Scan
Total Scan Time : 00:43:00

Memory items scanned      : 929
Memory threats detected  : 0
Registry items scanned    : 10863
Registry threats detected : 0
File items scanned        : 45906
File threats detected    : 128

Adware.Tracking Cookie
    C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\jan@atdmt[1].txt
    C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\jan@bluestreak[2].txt
    C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\jan@track.adform[3].txt
    C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\jan@track.adform[2].txt
    cdn5.specificclick.net [ C:\Users\Jan\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\DDRTTR8E ]
    ia.media-imdb.com [ C:\Users\Jan\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\DDRTTR8E ]
    C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\jan@atdmt[2].txt
    C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\Low\jan@track.adform[5].txt
    C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\Low\jan@adserver3.openadex[1].txt
    C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\Low\jan@adtech[1].txt
    C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\Low\jan@atdmt[1].txt
    C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\Low\jan@atdmt[2].txt
    C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\Low\jan@bluestreak[1].txt
    C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\Low\jan@bluestreak[2].txt
    C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\Low\jan@track.adform[1].txt
    C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\Low\jan@track.adform[2].txt
    C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Cookies\Low\jan@track.adform[3].txt
    .adtech.de [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .apmebf.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .mediaplex.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    delivery-media.surftown.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .doubleclick.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    track.adform.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    adserver3.openadex.dk [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    delivery-media.surftown.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .popcapgames.122.2o7.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .atdmt.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .atdmt.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .www.burstnet.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .burstnet.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    www.burstnet.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .burstnet.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adviva.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adviva.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .advertising.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    rev.remnantmedianetwork.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    www.pornhost.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    www.pornhost.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    www.pornhost.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .pornhost.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .pornhost.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .ero-advertising.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adultfriendfinder.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adultfriendfinder.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adultfriendfinder.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adultfriendfinder.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adultfriendfinder.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adultfriendfinder.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    www.pornhost.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    www.pornhost.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    www.pornhost.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    www.pornhost.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    www.pornhost.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    www.yourfreeporn.us [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adbrite.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adbrite.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adbrite.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adbrite.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adbrite.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adbrite.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    www.yourfreeporn.us [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    www.yourfreeporn.us [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .bannerbobber.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adserver.adtechus.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    gr.burstnet.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .tradedoubler.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .tradedoubler.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .tradedoubler.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .content.yieldmanager.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    eas8.emediate.eu [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    eas8.emediate.eu [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adtech.de [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adtech.de [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adtech.de [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .bluestreak.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adtech.de [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .hitbox.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .ehg-eset.hitbox.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .hitbox.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .tradedoubler.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .mediaplex.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    track.adform.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    track.adform.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    eas8.emediate.eu [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .media6degrees.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .media6degrees.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .interclick.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .tribalfusion.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .interclick.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .interclick.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    optimize.indieclick.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .elkjop.112.2o7.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    cdn5.specificclick.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    cdn5.specificclick.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .lfstmedia.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .lfstmedia.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    delivery-media.surftown.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adultfriendfinder.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .ero-advertising.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adultadworld.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adultadworld.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adultadworld.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adultadworld.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .adultadworld.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    .ero-advertising.com [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    x2.xclicks.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]
    x2.xclicks.net [ C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\cookies.sqlite ]

Adware.Flash Tracking Cookie
    C:\Users\Jan\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DDRTTR8E\IA.MEDIA-IMDB.COM

Trojan.Agent/Gen
    C:\USERS\JAN\APPDATA\ROAMING\TEAMSPEAK2\MSWINDRV26\MSFTCORE.DLL
    C:\USERS\JAN\APPDATA\ROAMING\TEAMSPEAK2\MSWINDRV26\MSFTDM.EXE
    C:\USERS\JAN\APPDATA\ROAMING\TEAMSPEAK2\MSWINDRV26\MSFTDM32.EXE

Trojan.Agent/Gen-FraudPack
    C:\USERS\JAN\APPDATA\ROAMING\TEAMSPEAK2\MSWINDRV26\MSFTLDR.DLL

Trojan.Agent/Gen-Crypt
    C:\WINDOWS\CKRFRESH.EXE

Vil du godt lægge en frisk log fra Combofix herind.

ComboFix 10-07-19.04 - Jan 22-07-2010  5:45.2.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6001.1.1252.45.1030.18.3070.2191 [GMT 2:00]
Kører fra: c:\users\Jan\Desktop\ComboFix.exe
Kommandoer benyttet :: c:\users\Jan\Desktop\CFScript.txt
SP: Lavasoft Ad-Watch Live! *enabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((  Filer skabt fra 2010-06-22 til 2010-07-22  )))))))))))))))))))))))))))))))))))
.

2010-07-22 03:52 . 2010-07-22 03:56    --------    d-----w-    c:\users\Jan\AppData\Local\temp
2010-07-22 03:52 . 2010-07-22 03:52    --------    d-----w-    c:\users\Public\AppData\Local\temp
2010-07-22 03:52 . 2010-07-22 03:52    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-07-21 21:29 . 2010-07-21 21:29    --------    d-----w-    C:\PerfLogs
2010-07-21 21:23 . 2008-01-08 11:10    98304    ----a-w-    c:\windows\RTKAUDIOSERVICE.EXE
2010-07-20 17:04 . 2010-07-20 17:07    --------    d-----w-    c:\users\Jan\Cataclysm Pre-Release 11927 enUS
2010-07-20 15:38 . 2010-07-20 15:38    --------    d-----w-    c:\program files\ESET
2010-07-20 15:30 . 2010-03-05 14:01    420352    ----a-w-    c:\windows\system32\vbscript.dll
2010-07-20 12:13 . 2010-07-20 12:13    --------    d-----w-    c:\programdata\Office Genuine Advantage
2010-07-20 10:48 . 2010-07-20 10:48    --------    d-----w-    c:\program files\CCleaner
2010-07-19 16:27 . 2010-07-19 16:27    --------    d-----w-    c:\users\Jan\AppData\Roaming\Malwarebytes
2010-07-19 16:26 . 2010-04-29 13:39    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-19 16:26 . 2010-07-19 16:27    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2010-07-19 16:26 . 2010-07-19 16:26    --------    d-----w-    c:\programdata\Malwarebytes
2010-07-19 16:26 . 2010-04-29 13:39    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-07-19 14:40 . 2010-07-12 08:55    15880    ----a-w-    c:\windows\system32\lsdelete.exe
2010-07-19 14:14 . 2010-07-19 14:14    --------    d-----w-    c:\users\Jan\AppData\Local\Sunbelt Software
2010-07-19 14:10 . 2010-07-19 14:10    --------    dc-h--w-    c:\programdata\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
2010-07-08 20:09 . 2010-07-08 20:09    --------    d-----w-    c:\program files\Common Files\Skype
2010-06-25 12:09 . 2010-06-25 12:09    --------    d-----w-    c:\program files\7-Zip
2010-06-24 16:24 . 2009-05-29 21:37    205824    ----a-w-    c:\windows\system32\xvidvfw.dll
2010-06-24 16:24 . 2009-05-29 21:31    881664    ----a-w-    c:\windows\system32\xvidcore.dll
2010-06-24 16:24 . 2006-04-02 12:47    630784    ----a-w-    c:\windows\system32\vp7vfw.dll
2010-06-24 16:24 . 2004-05-18 18:16    39936    ----a-w-    c:\windows\system32\huffyuv.dll
2010-06-24 16:24 . 2004-01-25 16:18    217088    ----a-w-    c:\windows\system32\yv12vfw.dll
2010-06-24 16:24 . 2010-06-02 08:00    108032    ----a-w-    c:\windows\system32\ff_vfw.dll
2010-06-24 15:16 . 2010-06-24 15:16    --------    d-----w-    c:\users\Jan\AppData\Roaming\GRETECH
2010-06-24 15:14 . 2010-06-24 15:14    --------    d-----w-    c:\program files\GRETECH

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-22 03:41 . 2008-01-08 21:11    76996    ----a-w-    c:\windows\system32\perfc006.dat
2010-07-22 03:41 . 2008-01-08 21:11    463030    ----a-w-    c:\windows\system32\perfh006.dat
2010-07-22 03:36 . 2010-05-21 19:37    0    ----a-w-    c:\windows\system32\Access.dat
2010-07-21 21:30 . 2006-11-02 12:37    --------    d-----w-    c:\program files\Windows Sidebar
2010-07-21 21:30 . 2006-11-02 12:37    --------    d-----w-    c:\program files\Windows Photo Gallery
2010-07-21 21:30 . 2006-11-02 12:37    --------    d-----w-    c:\program files\Windows Journal
2010-07-21 21:30 . 2006-11-02 12:37    --------    d-----w-    c:\program files\Windows Collaboration
2010-07-21 21:30 . 2006-11-02 12:37    --------    d-----w-    c:\program files\Windows Calendar
2010-07-21 21:30 . 2006-11-02 11:18    --------    d-----w-    c:\program files\Windows Mail
2010-07-21 21:30 . 2006-11-02 12:37    --------    d-----w-    c:\program files\Windows Defender
2010-07-21 14:50 . 2006-11-02 10:32    101888    ----a-w-    c:\windows\system32\ifxcardm.dll
2010-07-21 14:50 . 2006-11-02 10:32    82432    ----a-w-    c:\windows\system32\axaltocm.dll
2010-07-21 13:25 . 2010-05-17 23:06    63488    ----a-w-    c:\users\Jan\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-07-21 13:25 . 2010-05-17 23:06    117760    ----a-w-    c:\users\Jan\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-07-20 21:18 . 2009-09-15 05:36    --------    d-----w-    c:\users\Jan\AppData\Roaming\vlc
2010-07-20 17:07 . 2009-08-20 04:38    --------    d-----w-    c:\programdata\Blizzard Entertainment
2010-07-20 10:53 . 2010-05-21 17:27    --------    d-----w-    c:\program files\Shiny
2010-07-20 10:53 . 2008-01-08 13:14    --------    d--h--w-    c:\program files\InstallShield Installation Information
2010-07-20 10:49 . 2010-02-23 18:24    --------    d-----w-    c:\users\Jan\AppData\Roaming\Media Player Classic
2010-07-20 10:49 . 2009-03-10 20:26    --------    d-----w-    c:\programdata\Spybot - Search & Destroy
2010-07-20 10:21 . 2008-03-27 05:56    680    ----a-w-    c:\users\Jan\AppData\Local\d3d9caps.dat
2010-07-19 14:13 . 2008-08-01 12:05    --------    d-----w-    c:\program files\Google
2010-07-19 03:43 . 2008-03-26 20:41    --------    d-----w-    c:\program files\SUPERAntiSpyware
2010-07-18 20:47 . 2010-07-18 20:47    40960    ----a-w-    c:\users\Jan\AppData\Roaming\teamspeak2\mswindrv26\msfteml.dll
2010-07-18 20:47 . 2010-07-18 20:47    16384    ----a-w-    c:\users\Jan\AppData\Roaming\teamspeak2\mswindrv26\msftstp.exe
2010-07-18 20:47 . 2008-09-09 19:15    --------    d-----w-    c:\users\Jan\AppData\Roaming\teamspeak2
2010-07-16 01:02 . 2008-09-23 15:50    --------    d-----w-    c:\programdata\Microsoft Help
2010-07-12 08:56 . 2010-07-19 14:10    2979280    -c--a-w-    c:\programdata\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}\Ad-AwareInstall.exe
2010-07-12 08:55 . 2010-06-07 23:09    64288    ----a-w-    c:\windows\system32\drivers\Lbd.sys
2010-07-09 14:04 . 2008-05-20 16:34    --------    d-----w-    c:\users\Jan\AppData\Roaming\Skype
2010-07-09 14:00 . 2008-05-20 16:35    --------    d-----w-    c:\users\Jan\AppData\Roaming\skypePM
2010-07-04 14:56 . 2010-03-09 15:00    439816    ----a-w-    c:\users\Jan\AppData\Roaming\Real\Update\setup3.10\setup.exe
2010-06-24 16:48 . 2010-05-21 17:48    --------    dc-h--w-    c:\programdata\{67C33A62-5B1D-43D1-9600-16006F36EB2B}
2010-06-24 16:25 . 2010-02-23 18:22    --------    d-----w-    c:\program files\K-Lite Codec Pack
2010-06-24 15:17 . 2010-06-24 15:17    501936    ----a-w-    c:\programdata\Google\Google Toolbar\Update\gtb42A0.tmp.exe
2010-06-10 11:14 . 2010-06-10 11:14    --------    d-----w-    c:\users\Jan\AppData\Roaming\ACD Systems
2010-06-10 11:11 . 2010-06-10 11:11    --------    d-----w-    c:\program files\Common Files\ACD Systems
2010-06-10 11:11 . 2010-06-10 11:11    --------    d-----w-    c:\programdata\ACD Systems
2010-06-10 11:11 . 2010-06-10 11:11    --------    d-----w-    c:\program files\ACD Systems
2010-06-10 06:37 . 2010-06-10 06:36    --------    d-----w-    c:\program files\Eraser
2010-06-05 10:09 . 2010-05-14 20:37    --------    d-----w-    c:\program files\Microsoft Silverlight
2010-05-23 10:16 . 2010-05-23 10:16    --------    d-----w-    c:\users\Jan\AppData\Roaming\PeerNetworking
2010-05-22 17:35 . 2010-05-22 17:35    530    ----a-w-    c:\windows\eReg.dat
2010-05-21 19:39 . 2008-03-26 07:44    106872    ----a-w-    c:\users\Jan\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-21 12:14 . 2009-10-03 00:10    221568    ------w-    c:\windows\system32\MpSigStub.exe
2010-05-17 23:08 . 2010-05-17 23:08    95024    ----a-w-    c:\windows\system32\drivers\SBREDrv.sys
2010-05-17 23:06 . 2010-05-17 23:06    52224    ----a-w-    c:\users\Jan\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-05-04 05:59 . 2010-07-20 12:05    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-07-20 12:05    71680    ----a-w-    c:\windows\system32\iesetup.dll
2010-05-04 05:55 . 2010-07-20 12:05    109056    ----a-w-    c:\windows\system32\iesysprep.dll
2010-05-04 04:31 . 2010-07-20 12:05    133632    ----a-w-    c:\windows\system32\ieUnatt.exe
2008-01-08 21:45 . 2008-01-08 21:15    8192    --sha-w-    c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 1688872]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-05-13 26192168]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-07-19 2403568]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-19 192000]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-27 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 2213160]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-07-16 61440]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-08 305440]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-09-29 198160]
"Live! Central 2"="c:\program files\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe" [2009-10-14 426140]
"Eraser"="c:\progra~1\Eraser\Eraser.exe" [2010-04-10 979344]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2008-9-10 525664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21    548352    ----a-w-    c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CurseClient]
2008-01-30 20:33    477696    ----a-w-    c:\program files\Curse\CurseClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-04-01 09:39    486856    ----a-w-    c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
2010-04-10 06:45    979344    ----a-w-    c:\program files\Eraser\Eraser.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-01-19 07:33    1233920    ----a-w-    c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 gupdate;Tjenesten Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-27 136176]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-08-21 143936]
R3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl.sys [2009-08-28 40448]
R3 V0520Vid;Creative Camera VF0520 Driver;c:\windows\system32\DRIVERS\V0520Vid.sys [2009-10-11 246240]
R3 vtany;vtany;c:\windows\vtany.sys [2009-10-07 19584]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2008-04-24 717296]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-07-12 64288]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-05-27 67656]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-07-12 1352832]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2010-03-23 704760]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12    REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt    REG_MULTI_SZ      hpqcxs08 hpqddsvc
.
Indhold af mappen 'Planlagte Opgaver'

2010-07-22 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-07-12 08:55]

2010-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-27 13:50]

2010-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-27 13:50]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.bold.dk/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki ... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Trusted Zone: danskebank.dk
FF - ProfilePath - c:\users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\2unrkq9b.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2009787&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - softonicen Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2009787&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-22 05:55
Windows 6.0.6001 Service Pack 1 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.032"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ani"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bay"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bmp"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bw"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bwf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.caf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.caf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cel"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cr2"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.crw"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cs1"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cur"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dcr"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dcx"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dib"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.djv"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.djvu"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dng"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.emf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.eps"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.erf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fff"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.flc"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fli"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fpx"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.gif"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gsm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.gsm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.icl"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.icn"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ico"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.iff"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ilbm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.int"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.inta"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.iw4"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.j2c"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.j2k"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jfif"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jif"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jp2"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpc"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpe"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpeg"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpg"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpk"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpx"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.kar"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.lbm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.m15"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.m1a"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.m2a"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.m75"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.mos"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.mpv"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.mrw"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.nef"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.orf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pbm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pcd"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pct"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pcx"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pef"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pgm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pic"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pics"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pict"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pix"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.png"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ppm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.psd"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.psp"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.qcp"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.qtpf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.raf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ras"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.raw"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rgb"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rgba"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rle"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rsb"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sfil"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sgi"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sml"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sr2"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.srf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.swa"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.tga"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.thm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.tif"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.tiff"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ttc"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ttf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ulw"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v9o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.v9o"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v9p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.v9p"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v9pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.v9pf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.vfw"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.wbm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.wbmp"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.wmf"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.xbm"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.xif"

[HKEY_USERS\S-1-5-21-2214416905-1292004739-3297873169-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.xpm"
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'Explorer.exe'(3200)
c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
c:\program files\Spybot - Search & Destroy\SDHelper.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\crypserv.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conime.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Gennemført tid: 2010-07-22  06:03:36 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2010-07-22 04:03
ComboFix2.txt  2010-07-20 13:07

Pre-Kørsel: 108.223.815.680 byte ledig
Post-Kørsel: 109.832.015.872 byte ledig

- - End Of File - - D4E58BC37B71F3E377C12E317F158D58

Det ser faktisk fornuftigt ud. Hvordan kører PCen nu?

tja. altså mærkede intet til viruserne før.. opdagede dem kun ved at min spille account blev hacked.

men den virker en smule hurtigere. dog er der det problem at når jeg prøver at spille world of warcraft så lukker den ned med det samme og sådan her kommer frem

Forhindring af datakørsel

Prøv lige at køre en tur med CCleaner (Renser og Register)

Du kører med for meget Antispyware. Du skal ha' et Antivirus, en Antispyware + en Firewall.

http://www.avast.com/ (...)

http://www.pctools.com/ (...)

Bare et forslag.