Ser listan bra ut? Har en känsla på att jag har vi

30 augusti, 2007

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:09:22, on 2007-08-30

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\Program\Intel\Intel Matrix Storage Manager\iaantmon.exe

C:\Program\Delade filer\McAfee\HackerWatch\HWAPI.exe

C:\Program\McAfee\MSC\mcmscsvc.exe

c:\program\delade filer\mcafee\mna\mcnasvc.exe

C:\Program\McAfee\VIRUSS~1\mcods.exe

C:\Program\McAfee\MSC\mcpromgr.exe

c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe

c:\program\DELADE~1\mcafee\redirsvc\redirsvc.exe

C:\Program\McAfee\VIRUSS~1\mcsysmon.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program\McAfee\MPF\MPFSrv.exe

C:\Program\McAfee\MPS\mps.exe

C:\Program\McAfee\MSK\MskSrver.exe

C:\Program\NVIDIA Corporation\nTune\nTuneService.exe

C:\WINDOWS\system32\PRISMSVC.EXE

C:\Program\Retrospect\Retrospect 7.5\retrorun.exe

C:\Program\SiteAdvisor\6066\SAService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\PRISMSVR.EXE

C:\Program\McAfee\MPS\mpsevh.exe

C:\WINDOWS\system32\WDBtnMgr.exe

C:\Program\Creative\VoiceCenter\AndreaVC.exe

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\Java\jre1.6.0_02\bin\jusched.exe

C:\Program\SiteAdvisor\6066\SiteAdv.exe

C:\WINDOWS\stsystra.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\rundll32.exe

C:\Program\McAfee\MSK\MskAgent.exe

C:\WINDOWS\system32\Rundll32.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\WINDOWS\TBPanel.exe

C:\Program\Synthetic Aperture\Echo Fire\Support\Echo Fire Server.exe

C:\Program\Dell\Media Experience\DMXLauncher.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\Program\Corel\Corel Photo Album 6\MediaDetect.exe

C:\DOCUME~1\WebbTV\LOKALA~1\Temp\clclean.0001

C:\Program\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Program\Windows Defender\MSASCui.exe

C:\Program\Uniblue\RegistryBooster 2\RegistryBooster.exe

C:\Program\Delade filer\Creative Labs Shared\Service\CreativeLicensing.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program\DellSupport\DSAgnt.exe

C:\Program\Creative\MediaSource\Detector\CTDetect.exe

C:\Program\Dell Wireless\PRISMCFG.exe

C:\Program\WinZip\WZQKPICK.EXE

C:\Program\iPod\bin\iPodService.exe

C:\Program\McAfee\VIRUSS~1\mcshield.exe

C:\Program\DELADE~1\McAfee\EmProxy\emproxy.exe

c:\program\mcafee\VIRUSS~1\mcvsshld.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

C:\Program\Internet Explorer\IEXPLORE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vgdl.org/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program\TechSmith\SnagIt 8\SnagItBHO.dll

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program\SiteAdvisor\6066\SiteAdv.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program\mcafee\virusscan\scriptcl.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program\TechSmith\SnagIt 8\SnagItIEAddin.dll

O3 - Toolbar: Systran50premi.IEPlugIn - {9A0844DB-84CF-4440-BDB1-1F4F7C4F7FB0} - C:\Program\SYSTRAN\5.0\Premium\IEPlugIn.dll

O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program\SiteAdvisor\6066\SiteAdv.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar3.dll

O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe

O4 - HKLM\..\Run: [VoiceCenter] "C:\Program\Creative\VoiceCenter\AndreaVC.exe" /tray

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKLM\..\Run: [siteAdvisor] C:\Program\SiteAdvisor\6066\SiteAdv.exe

O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [MskAgentexe] C:\Program\McAfee\MSK\MskAgent.exe

O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program\Delade filer\InstallShield\UpdateService\ISUSPM.exe" -startup

O4 - HKLM\..\Run: [iAAnotif] "C:\Program\Intel\Intel Matrix Storage Manager\iaanotif.exe"

O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A

O4 - HKLM\..\Run: [Echo Fire Server] "C:\Program\Synthetic Aperture\Echo Fire\Support\Echo Fire Server.exe"

O4 - HKLM\..\Run: [DMXLauncher] "C:\Program\Dell\Media Experience\DMXLauncher.exe"

O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE

O4 - HKLM\..\Run: [CTSysVol] "C:\Program\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" /r

O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program\Corel\Corel Photo Album 6\MediaDetect.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [MSrui] C:\windows\system32\msmrtmon.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Program\Windows Defender\MSASCui.exe" -hide

O4 - HKCU\..\Run: [uniblue RegistryBooster2] C:\Program\Uniblue\RegistryBooster 2\RegistryBooster.exe /S

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe

O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program\NVIDIA Corporation\nTune\nTuneCmd.exe" clear

O4 - HKCU\..\Run: [DellSupport] "C:\Program\DellSupport\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [Creative Detector] C:\Program\Creative\MediaSource\Detector\CTDetect.exe /R

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Verktyg för trådlöst WLAN via USB 2.0-adapter.lnk = ?

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_02\bin\npjpi160_02.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_02\bin\npjpi160_02.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\OFFICE11\REFIEBAR.DLL

O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://se.mcafee.com/Apps/WSC/sv/WscWlanScannerCtrl.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5054/mcfscan.cab

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program\Delade filer\Creative Labs Shared\Service\CreativeLicensing.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program\DellSupport\brkrsvc.exe

O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\Program\DELADE~1\McAfee\EmProxy\emproxy.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program\Intel\Intel Matrix Storage Manager\iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program\Delade filer\McAfee\HackerWatch\HWAPI.exe

O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\Program\McAfee\MSC\mcupdmgr.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program\delade filer\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\Program\McAfee\MSC\mcpromgr.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\program\DELADE~1\mcafee\redirsvc\redirsvc.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\Program\McAfee\MPS\mps.exe

O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program\McAfee\MSK\MskSrver.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program\Intel\PROSetWired\NCS\Sync\NetSvc.exe

O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program\NVIDIA Corporation\nTune\nTuneService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PRISMSVC - Conexant Systems, Inc. - C:\WINDOWS\system32\PRISMSVC.EXE

O23 - Service: Retrospect Launcher (RetroLauncher) - EMC Corporation - C:\Program\Retrospect\Retrospect 7.5\retrorun.exe

O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program\SiteAdvisor\6066\SAService.exe

O23 - Service: Windows MS32workstation Service (Windows MS32workstation) - Unknown owner - c:\windows\ws32.exe

O23 - Service: GridIron X-Factor After Effects Peer #1 (XFACTORAE1) - Unknown owner - C:\Program\XLR8\xlr8d.exe (file missing)

--

End of file - 13593 bytes

30 augusti, 2007

först gör vi detta, start >kör >skriv: services.msc >ok

srolla ner till Windows MS32workstation Service >dubbelklicka på raden och välj stoppa och där det står startmetod väljer du *inaktiverad >ok

(lägg på minnet om den stog som manuell eller automatiskt innan du *ändra)

gå hit

http://www.bleepingcomputer.com/submit-malware.php?channel=27

skicka upp dessa filer

c:\windows\ws32.exe

C:\windows\system32\msmrtmon.exe

kopiera in detta i info rutan

O23 - Service: Windows MS32workstation Service (Windows MS32workstation) - Unknown owner - c:\windows\ws32.exe

O4 - HKLM\..\Run: [MSrui] C:\windows\system32\msmrtmon.exe

---

gör en scan med HJT, bocka för dessa rader

O23 - Service: Windows MS32workstation Service (Windows MS32workstation) - Unknown owner - c:\windows\ws32.exe

O4 - HKLM\..\Run: [MSrui] C:\windows\system32\msmrtmon.exe

klicka på knappen fix checked, ta bort filerna i exe filerna i felsäkert läge.

posta en ny HJT logg när du startat om

vet du om detta är ok:

C:\DOCUME~1\WebbTV\LOKALA~1\Temp\clclean.0001

31 augusti, 2007

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 09:22:48, on 2007-08-31

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\Program\Intel\Intel Matrix Storage Manager\iaantmon.exe

C:\Program\Delade filer\McAfee\HackerWatch\HWAPI.exe

C:\Program\McAfee\MSC\mcmscsvc.exe

c:\program\delade filer\mcafee\mna\mcnasvc.exe

C:\Program\McAfee\VIRUSS~1\mcods.exe

C:\Program\McAfee\MSC\mcpromgr.exe

c:\program\DELADE~1\mcafee\mcproxy\mcproxy.exe

c:\program\DELADE~1\mcafee\redirsvc\redirsvc.exe

C:\Program\McAfee\VIRUSS~1\mcshield.exe

C:\Program\McAfee\VIRUSS~1\mcsysmon.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program\McAfee\MPF\MPFSrv.exe

C:\Program\McAfee\MPS\mps.exe

C:\Program\McAfee\MSK\MskSrver.exe

C:\Program\NVIDIA Corporation\nTune\nTuneService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PRISMSVC.EXE

C:\Program\Retrospect\Retrospect 7.5\retrorun.exe

C:\Program\SiteAdvisor\6066\SAService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\PRISMSVR.EXE

C:\WINDOWS\system32\wuauclt.exe

c:\program\mcafee.com\agent\mcagent.exe

C:\Program\McAfee\MPS\mpsevh.exe

C:\WINDOWS\system32\WDBtnMgr.exe

C:\Program\Creative\VoiceCenter\AndreaVC.exe

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\Java\jre1.6.0_02\bin\jusched.exe

C:\Program\SiteAdvisor\6066\SiteAdv.exe

C:\WINDOWS\stsystra.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program\McAfee\MSK\MskAgent.exe

C:\WINDOWS\system32\Rundll32.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\WINDOWS\TBPanel.exe

C:\Program\Synthetic Aperture\Echo Fire\Support\Echo Fire Server.exe

C:\Program\Dell\Media Experience\DMXLauncher.exe

C:\DOCUME~1\WebbTV\LOKALA~1\Temp\clclean.0001

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\Program\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\WINDOWS\system32\csrst.exe

C:\Program\Windows Defender\MSASCui.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program\Uniblue\RegistryBooster 2\RegistryBooster.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program\Delade filer\Creative Labs Shared\Service\CreativeLicensing.exe

C:\Program\DellSupport\DSAgnt.exe

C:\Program\Creative\MediaSource\Detector\CTDetect.exe

c:\windows\system32\nscpl.exe

C:\Program\Dell Wireless\PRISMCFG.exe

C:\Program\WinZip\WZQKPICK.EXE

C:\Program\iPod\bin\iPodService.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =