Notifikationer

Markér alle som læst Log ud

kim-h Novice

15. december 2007 - 19:43 Der er 6 kommentarer og
1 løsning

Tjek hijackthis log

Det er erfterhånden længe siden jeg har fået tjekket en logfil.
Og min PC er ved at være lidt sløv igen, så måske ligger der noget og driller. + har lige hørt om virus på EB siden.
Så her er en log, som jeg gerne vil have tjekket, TAK.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:36:20, on 15-12-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\Acronis\Schedule2\schedul2.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Analog Devices\Core\smax4pnp.exe
C:\Programmer\Fælles filer\Acronis\Schedule2\schedhlp.exe
C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmer\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE
C:\Programmer\Google\Gmail Notifier\gnotify.exe
C:\Programmer\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\Programmer\Multimedia Mouse Driver\MouseDrv.exe
C:\Programmer\ATI Technologies\ATI.ACE\cli.exe
C:\Programmer\ATI Technologies\ATI.ACE\cli.exe
C:\Programmer\MSN Messenger\usnsvc.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\Microsoft Office\OFFICE11\FRONTPG.EXE
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Documents and Settings\Kim\Skrivebord\PC rens\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmer\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmer\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programmer\Fælles filer\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programmer\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Programmer\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [WireLessMouse] C:\Programmer\Multimedia Mouse Driver\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-21-448539723-823518204-1801674531-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Familien')
O4 - HKUS\S-1-5-21-448539723-823518204-1801674531-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Katrine')
O4 - HKUS\S-1-5-21-448539723-823518204-1801674531-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Andreas')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-448539723-823518204-1801674531-1005 Startup: E-mail.lnk = ? (User 'Familien')
O4 - S-1-5-21-448539723-823518204-1801674531-1005 User Startup: E-mail.lnk = ? (User 'Familien')
O4 - Startup: E-mail.lnk = ?
O4 - Startup: Gmail Notifier.lnk = C:\Programmer\Google\Gmail Notifier\gnotify.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Gem formularer - file://C:\Programmer\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: RF værktøjslinie - file://C:\Programmer\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Tilpas RF menu - file://C:\Programmer\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Udfyld formularer - file://C:\Programmer\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - C:\Documents and Settings\Katrine\Skrivebord\adgangforalle.exe (file missing)
O9 - Extra 'Tools' menuitem: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - C:\Documents and Settings\Katrine\Skrivebord\adgangforalle.exe (file missing)
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {070CA17A-4BD2-4612-83B4-32B1B9159B47} - http://uc.sina.com.cn/download/live/weblive2.4.0.0.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install2.5/Installer.exe
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmer\Fælles filer\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programmer\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10199 bytes

Synes godt om

Computer Hjælp (Gratis) Mester

15. december 2007 - 20:14 #1

... Nu er der ikke alle (u)ønskede elementer som viser sig med en HiJackThis Log; hvis du har 'mod' på det som gennemfør proceduren herfra -> http://www.eksperten.dk/artikler/1123

------------------

Registreringsdatabase oprydning kan anbefales ->
RegCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm (Specielt punktet [Register]...)
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller NEJ til den.

Synes godt om

jne Nybegynder

16. december 2007 - 12:47 #2

tak for det enormt hurtige svar... Jeg vil lige se på hvad der står i artiklen 1123

Men tror du umiddelbart der er noget i min log fil?

Synes godt om

kim-h Novice

16. december 2007 - 13:35 #3

Jne, tror du ikke at du svare på et forkert indlæg ?
Dette indlæg er oprettet af kim-h.
Jeg har læst artiklen 1123, og er i fuld gang. Logfiler kommer senere.

Synes godt om

kim-h Novice

17. december 2007 - 23:05 #4

Så har jeg fulgt artikel 1123 og her kommer de 4 logfiler:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/16/2007 at 10:47 PM

Application Version : 3.7.1018

Core Rules Database Version : 3362
Trace Rules Database Version: 1361

Scan type : Complete Scan
Total Scan Time : 01:28:04

Memory items scanned : 190
Memory threats detected : 0
Registry items scanned : 7291
Registry threats detected : 0
File items scanned : 53400
File threats detected : 518

Adware.Tracking Cookie
C:\Documents and Settings\Andreas\Cookies\andreas@2o7[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@3.adbrite[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@4.adbrite[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ad.adtoma[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ad.yieldmanager[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ad1.emediate[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@adbrite[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@adfair[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@adlegend[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@adopt.euroclick[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@adrevolver[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ads.adbrite[3].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ads.cartoonnetwork[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ads.estart[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ads.freeonlinegames[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ads.gameforgeads[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ads.gamesbannernet[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ads.habbogroup[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ads.habbohotel[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ads.pointroll[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ads.revsci[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ads2.jubii[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@adserver.adreactor[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@adserver.banneradministration[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@adserver.spele[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@adtech[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@adv.tvnet[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@advertising[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@as-eu.falkag[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@as-us.falkag[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@atdmt[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@banner.gratis-ting[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@banners2.battleon[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@bluestreak[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@bs.serving-sys[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@burstnet[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@c5.zedo[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@casalemedia[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@clicktorrent[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@counter.cnw[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@cz7.clickzs[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@data2.perf.overture[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@doubleclick[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@eas.apm.emediate[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@eas4.emediate[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@edsa.122.2o7[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ehg-dig.hitbox[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ehg-discoverynetwork.hitbox[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ehg-legonewyorkinc.hitbox[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@eyewonder[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@fastclick[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@hitbox[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@i.screensavers[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@ilead.itrack[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@image.masterstats[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@imrworldwide[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@indextools[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@kanoodle[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@media.adrevolver[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@mediaplex[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@mtg.banneradministration[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@nextag[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@overture[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@perf.overture[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@pro-market[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@questionmarket[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@rc2corp.112.2o7[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@screensavers[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@server.cpmstar[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@serving-sys[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@stat.inleadmedia[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@stat.onestat[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@statcounter[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@stats.channel4[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@stats1.reliablestats[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@targetnet[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@toplist[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@track.adform[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@tradedoubler[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@tribalfusion[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@valueclick[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@wrigley.122.2o7[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@www.burstnet[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@www.dotbanner[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@www.googleadservices[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@www.macromedia[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@www.pstats[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@www.screensavers[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@www.tns-counter[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@www2.addfreestats[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@www3.addfreestats[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@www4.addfreestats[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@www6.addfreestats[2].txt
C:\Documents and Settings\Andreas\Cookies\andreas@www8.addfreestats[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@xiti[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@yadro[1].txt
C:\Documents and Settings\Andreas\Cookies\andreas@zedo[2].txt
C:\Documents and Settings\Familien\Cookies\familien@247realmedia[1].txt
C:\Documents and Settings\Familien\Cookies\familien@2o7[2].txt
C:\Documents and Settings\Familien\Cookies\familien@3.adbrite[1].txt
C:\Documents and Settings\Familien\Cookies\familien@4.adbrite[2].txt
C:\Documents and Settings\Familien\Cookies\familien@4.adbrite[3].txt
C:\Documents and Settings\Familien\Cookies\familien@ad.adnetinteractive[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ad.adtoma[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ad.ofir[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ad.uk.tangozebra[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ad.yieldmanager[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ad.zanox[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ad1.emediate[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ad1.hardware[1].txt
C:\Documents and Settings\Familien\Cookies\familien@adbrite[2].txt
C:\Documents and Settings\Familien\Cookies\familien@adecn[2].txt
C:\Documents and Settings\Familien\Cookies\familien@adfair[2].txt
C:\Documents and Settings\Familien\Cookies\familien@adfarm1.adition[1].txt
C:\Documents and Settings\Familien\Cookies\familien@adlegend[2].txt
C:\Documents and Settings\Familien\Cookies\familien@admarketplace[1].txt
C:\Documents and Settings\Familien\Cookies\familien@adopt.euroclick[2].txt
C:\Documents and Settings\Familien\Cookies\familien@adopt.hbmediapro[1].txt
C:\Documents and Settings\Familien\Cookies\familien@adrevolver[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.adbrite[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.as4x.tmcs[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.boats[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.cartoonnetwork[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.freeonlinegames[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.freeway[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.gameforgeads[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.gamesbannernet[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.habbogroup[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.habbohotel[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.heias[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.planetactive[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.pointroll[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.realtechnetwork[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.revsci[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.swgenerator[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ads.tibaco[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ads2.jubii[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ads2.net2day[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ads3.net2day[1].txt
C:\Documents and Settings\Familien\Cookies\familien@adserver.71i[1].txt
C:\Documents and Settings\Familien\Cookies\familien@adserver.adreactor[1].txt
C:\Documents and Settings\Familien\Cookies\familien@adserver.adremedy[2].txt
C:\Documents and Settings\Familien\Cookies\familien@adserver.banneradministration[1].txt
C:\Documents and Settings\Familien\Cookies\familien@adserver.easyad[2].txt
C:\Documents and Settings\Familien\Cookies\familien@adserver.philboxing[2].txt
C:\Documents and Settings\Familien\Cookies\familien@adserving.cpxinteractive[1].txt
C:\Documents and Settings\Familien\Cookies\familien@adtech[1].txt
C:\Documents and Settings\Familien\Cookies\familien@advertising[2].txt
C:\Documents and Settings\Familien\Cookies\familien@allyours.virginmedia[2].txt
C:\Documents and Settings\Familien\Cookies\familien@as-eu.falkag[2].txt
C:\Documents and Settings\Familien\Cookies\familien@as-us.falkag[2].txt
C:\Documents and Settings\Familien\Cookies\familien@atdmt[1].txt
C:\Documents and Settings\Familien\Cookies\familien@atwola[2].txt
C:\Documents and Settings\Familien\Cookies\familien@azjmp[2].txt
C:\Documents and Settings\Familien\Cookies\familien@azpr40.cracks[1].txt
C:\Documents and Settings\Familien\Cookies\familien@banner.fynskemedier[1].txt
C:\Documents and Settings\Familien\Cookies\familien@banner.gratis-ting[2].txt
C:\Documents and Settings\Familien\Cookies\familien@banners2.battleon[1].txt
C:\Documents and Settings\Familien\Cookies\familien@bluestreak[2].txt
C:\Documents and Settings\Familien\Cookies\familien@bonnier.banneradministration[1].txt
C:\Documents and Settings\Familien\Cookies\familien@borsen.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@bs.serving-sys[1].txt
C:\Documents and Settings\Familien\Cookies\familien@burstnet[1].txt
C:\Documents and Settings\Familien\Cookies\familien@casalemedia[2].txt
C:\Documents and Settings\Familien\Cookies\familien@casioelectronics.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@click.ip.creunacampaign[1].txt
C:\Documents and Settings\Familien\Cookies\familien@click.tdc-online[1].txt
C:\Documents and Settings\Familien\Cookies\familien@clickaider[2].txt
C:\Documents and Settings\Familien\Cookies\familien@clickbank[2].txt
C:\Documents and Settings\Familien\Cookies\familien@clicksor[2].txt
C:\Documents and Settings\Familien\Cookies\familien@clicktorrent[1].txt
C:\Documents and Settings\Familien\Cookies\familien@cnetasiapacific.122.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@cnetaustralia.122.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@counter1.fc2[1].txt
C:\Documents and Settings\Familien\Cookies\familien@counter12.sextracker[1].txt
C:\Documents and Settings\Familien\Cookies\familien@counter8.sextracker[1].txt
C:\Documents and Settings\Familien\Cookies\familien@counter9.sextracker[1].txt
C:\Documents and Settings\Familien\Cookies\familien@cpvfeed[2].txt
C:\Documents and Settings\Familien\Cookies\familien@crack.serial.cracks[1].txt
C:\Documents and Settings\Familien\Cookies\familien@cracks[1].txt
C:\Documents and Settings\Familien\Cookies\familien@cs.sexcounter[2].txt
C:\Documents and Settings\Familien\Cookies\familien@cz11.clickzs[2].txt
C:\Documents and Settings\Familien\Cookies\familien@cz3.clickzs[1].txt
C:\Documents and Settings\Familien\Cookies\familien@cz7.clickzs[2].txt
C:\Documents and Settings\Familien\Cookies\familien@data2.perf.overture[2].txt
C:\Documents and Settings\Familien\Cookies\familien@doubleclick[1].txt
C:\Documents and Settings\Familien\Cookies\familien@e2.emediate[1].txt
C:\Documents and Settings\Familien\Cookies\familien@eas.apm.emediate[2].txt
C:\Documents and Settings\Familien\Cookies\familien@eas4.emediate[2].txt
C:\Documents and Settings\Familien\Cookies\familien@edge.ru4[2].txt
C:\Documents and Settings\Familien\Cookies\familien@edsa.122.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ehg-dig.hitbox[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ehg-fastweb.hitbox[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ehg-foxmovies.hitbox[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ehg-gatehousemedia.hitbox[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ehg-kingstontechnology.hitbox[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ehg-kodak.hitbox[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ehg-legonewyorkinc.hitbox[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ehg-myspaceinc.hitbox[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ehg-nokiafin.hitbox[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ehg-traderelectronicmedia.hitbox[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ehg-warnerbrothers.hitbox[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ehg-youtube.hitbox[2].txt
C:\Documents and Settings\Familien\Cookies\familien@elitecampbornholm[1].txt
C:\Documents and Settings\Familien\Cookies\familien@emimusic.122.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@epicsoundtracks[1].txt
C:\Documents and Settings\Familien\Cookies\familien@fastclick[1].txt
C:\Documents and Settings\Familien\Cookies\familien@findvej[2].txt
C:\Documents and Settings\Familien\Cookies\familien@focalex[2].txt
C:\Documents and Settings\Familien\Cookies\familien@goclick[2].txt
C:\Documents and Settings\Familien\Cookies\familien@hitbox[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ice.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ilead.itrack[1].txt
C:\Documents and Settings\Familien\Cookies\familien@image.masterstats[1].txt
C:\Documents and Settings\Familien\Cookies\familien@indexstats[2].txt
C:\Documents and Settings\Familien\Cookies\familien@indextools[2].txt
C:\Documents and Settings\Familien\Cookies\familien@jamster[2].txt
C:\Documents and Settings\Familien\Cookies\familien@login.tracking101[2].txt
C:\Documents and Settings\Familien\Cookies\familien@lynxtrack[1].txt
C:\Documents and Settings\Familien\Cookies\familien@m1.webstats.motigo[1].txt
C:\Documents and Settings\Familien\Cookies\familien@media.adrevolver[2].txt
C:\Documents and Settings\Familien\Cookies\familien@media.adrevolver[3].txt
C:\Documents and Settings\Familien\Cookies\familien@mediamaker[2].txt
C:\Documents and Settings\Familien\Cookies\familien@mediaplex[1].txt
C:\Documents and Settings\Familien\Cookies\familien@mediaservices.myspace[2].txt
C:\Documents and Settings\Familien\Cookies\familien@mediavizion.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@metacafe.122.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@microsoftwga.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@msnaccountservices.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@msnportal.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@mtg.banneradministration[2].txt
C:\Documents and Settings\Familien\Cookies\familien@ncom.banneradministration[2].txt
C:\Documents and Settings\Familien\Cookies\familien@netmediagroup[2].txt
C:\Documents and Settings\Familien\Cookies\familien@nissaneurope.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@nordea.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@ok.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@overture[2].txt
C:\Documents and Settings\Familien\Cookies\familien@pacificpoker[2].txt
C:\Documents and Settings\Familien\Cookies\familien@partners.webmasterplan[2].txt
C:\Documents and Settings\Familien\Cookies\familien@partygaming.122.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@partypoker[1].txt
C:\Documents and Settings\Familien\Cookies\familien@perf.overture[1].txt
C:\Documents and Settings\Familien\Cookies\familien@phg.hitbox[1].txt
C:\Documents and Settings\Familien\Cookies\familien@playnetwork.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@politiken.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@precisionclick[2].txt
C:\Documents and Settings\Familien\Cookies\familien@pro-market[2].txt
C:\Documents and Settings\Familien\Cookies\familien@pulz.banneradministration[2].txt
C:\Documents and Settings\Familien\Cookies\familien@questionmarket[2].txt
C:\Documents and Settings\Familien\Cookies\familien@qxl.banneradministration[1].txt
C:\Documents and Settings\Familien\Cookies\familien@realmedia[1].txt
C:\Documents and Settings\Familien\Cookies\familien@revenue[2].txt
C:\Documents and Settings\Familien\Cookies\familien@revsci[2].txt
C:\Documents and Settings\Familien\Cookies\familien@server.cpmstar[1].txt
C:\Documents and Settings\Familien\Cookies\familien@server.iad.liveperson[1].txt
C:\Documents and Settings\Familien\Cookies\familien@server.iad.liveperson[2].txt
C:\Documents and Settings\Familien\Cookies\familien@server.iad.liveperson[3].txt
C:\Documents and Settings\Familien\Cookies\familien@server.iad.liveperson[4].txt
C:\Documents and Settings\Familien\Cookies\familien@server.iad.liveperson[5].txt
C:\Documents and Settings\Familien\Cookies\familien@serving-sys[2].txt
C:\Documents and Settings\Familien\Cookies\familien@sexlist[2].txt
C:\Documents and Settings\Familien\Cookies\familien@sexreactor[1].txt
C:\Documents and Settings\Familien\Cookies\familien@sextracker[1].txt
C:\Documents and Settings\Familien\Cookies\familien@smiely-ivil.tripod[1].txt
C:\Documents and Settings\Familien\Cookies\familien@smileycentral[1].txt
C:\Documents and Settings\Familien\Cookies\familien@sonofon.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@sonyeurope.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@specificclick[2].txt
C:\Documents and Settings\Familien\Cookies\familien@spylog[1].txt
C:\Documents and Settings\Familien\Cookies\familien@stat.onestat[2].txt
C:\Documents and Settings\Familien\Cookies\familien@stat.postdanmark[2].txt
C:\Documents and Settings\Familien\Cookies\familien@statcounter[2].txt
C:\Documents and Settings\Familien\Cookies\familien@stats1.reliablestats[1].txt
C:\Documents and Settings\Familien\Cookies\familien@statse.webtrendslive[2].txt
C:\Documents and Settings\Familien\Cookies\familien@superstats[1].txt
C:\Documents and Settings\Familien\Cookies\familien@tacoda[2].txt
C:\Documents and Settings\Familien\Cookies\familien@targetnet[1].txt
C:\Documents and Settings\Familien\Cookies\familien@tdc.112.2o7[2].txt
C:\Documents and Settings\Familien\Cookies\familien@telenor.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@telmore.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@toplist[1].txt
C:\Documents and Settings\Familien\Cookies\familien@track-your-partner[1].txt
C:\Documents and Settings\Familien\Cookies\familien@track.adform[1].txt
C:\Documents and Settings\Familien\Cookies\familien@track.webtrekk[1].txt
C:\Documents and Settings\Familien\Cookies\familien@tracking.notabenestats[2].txt
C:\Documents and Settings\Familien\Cookies\familien@tradedoubler[1].txt
C:\Documents and Settings\Familien\Cookies\familien@trafficmp[1].txt
C:\Documents and Settings\Familien\Cookies\familien@tribalfusion[1].txt
C:\Documents and Settings\Familien\Cookies\familien@tripod[1].txt
C:\Documents and Settings\Familien\Cookies\familien@upspiral[2].txt
C:\Documents and Settings\Familien\Cookies\familien@usenext[1].txt
C:\Documents and Settings\Familien\Cookies\familien@valueclick[2].txt
C:\Documents and Settings\Familien\Cookies\familien@valueclick[3].txt
C:\Documents and Settings\Familien\Cookies\familien@versiontracker[2].txt
C:\Documents and Settings\Familien\Cookies\familien@virginmedia[1].txt
C:\Documents and Settings\Familien\Cookies\familien@warezlinker[1].txt
C:\Documents and Settings\Familien\Cookies\familien@weborama[2].txt
C:\Documents and Settings\Familien\Cookies\familien@windowsmedia[1].txt
C:\Documents and Settings\Familien\Cookies\familien@woco.112.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@wrigley.122.2o7[1].txt
C:\Documents and Settings\Familien\Cookies\familien@www.absolutemedianetwork[2].txt
C:\Documents and Settings\Familien\Cookies\familien@www.burstbeacon[1].txt
C:\Documents and Settings\Familien\Cookies\familien@www.burstnet[2].txt
C:\Documents and Settings\Familien\Cookies\familien@www.comprabanner[2].txt
C:\Documents and Settings\Familien\Cookies\familien@www.crackz[2].txt
C:\Documents and Settings\Familien\Cookies\familien@www.fullreleases[1].txt
C:\Documents and Settings\Familien\Cookies\familien@www.googleadservices[1].txt
C:\Documents and Settings\Familien\Cookies\familien@www.googleadservices[3].txt
C:\Documents and Settings\Familien\Cookies\familien@www.googleadservices[7].txt
C:\Documents and Settings\Familien\Cookies\familien@www.jamster.co[1].txt
C:\Documents and Settings\Familien\Cookies\familien@www.jamster[1].txt
C:\Documents and Settings\Familien\Cookies\familien@www.macromedia[1].txt
C:\Documents and Settings\Familien\Cookies\familien@www.mediakey[1].txt
C:\Documents and Settings\Familien\Cookies\familien@www.sextasya[2].txt
C:\Documents and Settings\Familien\Cookies\familien@www.sextv[1].txt
C:\Documents and Settings\Familien\Cookies\familien@www.smartadserver[1].txt
C:\Documents and Settings\Familien\Cookies\familien@www.stats.casio[2].txt
C:\Documents and Settings\Familien\Cookies\familien@www.upspiral[1].txt
C:\Documents and Settings\Familien\Cookies\familien@www.w3counter[2].txt
C:\Documents and Settings\Familien\Cookies\familien@www.zanox-affiliate[2].txt
C:\Documents and Settings\Familien\Cookies\familien@www1.addfreestats[1].txt
C:\Documents and Settings\Familien\Cookies\familien@www2.addfreestats[2].txt
C:\Documents and Settings\Familien\Cookies\familien@www3.addfreestats[2].txt
C:\Documents and Settings\Familien\Cookies\familien@www4.addfreestats[1].txt
C:\Documents and Settings\Familien\Cookies\familien@www5.addfreestats[2].txt
C:\Documents and Settings\Familien\Cookies\familien@www6.addfreestats[2].txt
C:\Documents and Settings\Familien\Cookies\familien@www8.addfreestats[1].txt
C:\Documents and Settings\Familien\Cookies\familien@xiti[1].txt
C:\Documents and Settings\Familien\Cookies\familien@yadro[1].txt
C:\Documents and Settings\Familien\Cookies\familien@yieldmanager[2].txt
C:\Documents and Settings\Familien\Cookies\familien@youporn[2].txt
C:\Documents and Settings\Familien\Cookies\familien@zedo[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@247realmedia[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@2o7[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@3.adbrite[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@4.adbrite[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ad.adnet[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ad.ofir[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ad.yieldmanager[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ad1.emediate[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@adbrite[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@adfair[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@adfarm1.adition[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@adopt.euroclick[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@adrevolver[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ads.addynamix[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ads.gamers-globe[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ads.habbogroup[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ads.habbohotel[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ads2.jubii[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@adserver.banneradministration[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@adserver.mediarun[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@adtech[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@adverticum[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@advertising[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@as-eu.falkag[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@atdmt[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@atwola[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@audit.median[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@banner.gratis-ting[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@bonnier.banneradministration[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@bs.serving-sys[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@bs.serving-sys[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@care2.112.2o7[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@casalemedia[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@centrebet.advertserve[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@clickbank[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@counter.hitslink[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@doubleclick[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@e2.emediate[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@eas.apm.emediate[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@eas4.emediate[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@edsa.122.2o7[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ehg-dig.hitbox[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ehg-foxmovies.hitbox[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ehg-iwantoneofthose.hitbox[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ehg-nokiafin.hitbox[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ehg-warnerbrothers.hitbox[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ehg-youtube.hitbox[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ehg.hitbox[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@elite[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@fastclick[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@findvej[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@focalex[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@gostats[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@hitbox[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@hotlog[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@ilead.itrack[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@imrworldwide[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@indextools[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@jobzonen.112.2o7[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@linksynergy[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@m1.webstats.motigo[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@m1.webstats4u[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@media.adrevolver[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@mediaplex[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@mediaservices.myspace[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@microsoftconsumermarketing.112.2o7[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@microsoftwlmessengermkt.112.2o7[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@msnaccountservices.112.2o7[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@msnportal.112.2o7[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@mtg.banneradministration[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@mtgnewmedia[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@overture[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@perf.overture[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@playnetwork.112.2o7[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@politiken.112.2o7[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@precisionclick[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@questionmarket[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@realmedia[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@revsci[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@saxobfdk.122.2o7[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@serif.112.2o7[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@server.cpmstar[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@server.iad.liveperson[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@server.iad.liveperson[3].txt
C:\Documents and Settings\Katrine\Cookies\katrine@serving-sys[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@specificclick[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@stat.onestat[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@stat.postdanmark[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@stat.visible[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@statcounter[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@statse.webtrendslive[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@tacoda[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@telmore.112.2o7[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@track.adform[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@tracking.foxnews[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@tradedoubler[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@trafficmp[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@tribalfusion[2].txt
C:\Documents and Settings\Katrine\Cookies\katrine@uclick[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@wrigley.122.2o7[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@www.etracker[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@www.googleadservices[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@www.googleadservices[3].txt
C:\Documents and Settings\Katrine\Cookies\katrine@www2.mystats[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@www2.mystats[3].txt
C:\Documents and Settings\Katrine\Cookies\katrine@xiti[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@yadro[1].txt
C:\Documents and Settings\Katrine\Cookies\katrine@zedo[1].txt
C:\Documents and Settings\Kim\Cookies\kim@a.findarticles[1].txt
C:\Documents and Settings\Kim\Cookies\kim@ad.adnetinteractive[2].txt
C:\Documents and Settings\Kim\Cookies\kim@ad1.emediate[2].txt
C:\Documents and Settings\Kim\Cookies\kim@adfair[1].txt
C:\Documents and Settings\Kim\Cookies\kim@adfair[2].txt
C:\Documents and Settings\Kim\Cookies\kim@adfair[3].txt
C:\Documents and Settings\Kim\Cookies\kim@admin.teenrevenue[2].txt
C:\Documents and Settings\Kim\Cookies\kim@ads.dailyrush[1].txt
C:\Documents and Settings\Kim\Cookies\kim@ads.gameforgeads[2].txt
C:\Documents and Settings\Kim\Cookies\kim@ads.gamers-globe[2].txt
C:\Documents and Settings\Kim\Cookies\kim@ads.mininova[1].txt
C:\Documents and Settings\Kim\Cookies\kim@ads.opensubtitles[1].txt
C:\Documents and Settings\Kim\Cookies\kim@ads.usercash[1].txt
C:\Documents and Settings\Kim\Cookies\kim@ads2.jubii[1].txt
C:\Documents and Settings\Kim\Cookies\kim@adultadworld[1].txt
C:\Documents and Settings\Kim\Cookies\kim@adultadworld[2].txt
C:\Documents and Settings\Kim\Cookies\kim@adultadworld[4].txt
C:\Documents and Settings\Kim\Cookies\kim@blogcncpm.t2click[2].txt
C:\Documents and Settings\Kim\Cookies\kim@click.porngurus[2].txt
C:\Documents and Settings\Kim\Cookies\kim@clickaider[1].txt
C:\Documents and Settings\Kim\Cookies\kim@clickaider[2].txt
C:\Documents and Settings\Kim\Cookies\kim@clickaider[3].txt
C:\Documents and Settings\Kim\Cookies\kim@clickaider[4].txt
C:\Documents and Settings\Kim\Cookies\kim@clickaider[6].txt
C:\Documents and Settings\Kim\Cookies\kim@clicktorrent[1].txt
C:\Documents and Settings\Kim\Cookies\kim@clicktorrent[2].txt
C:\Documents and Settings\Kim\Cookies\kim@clicktorrent[3].txt
C:\Documents and Settings\Kim\Cookies\kim@clicktorrent[4].txt
C:\Documents and Settings\Kim\Cookies\kim@clicktorrent[5].txt
C:\Documents and Settings\Kim\Cookies\kim@cracks[2].txt
C:\Documents and Settings\Kim\Cookies\kim@daily-porn-page[1].txt
C:\Documents and Settings\Kim\Cookies\kim@dinowarez[1].txt
C:\Documents and Settings\Kim\Cookies\kim@dinowarez[2].txt
C:\Documents and Settings\Kim\Cookies\kim@e2.emediate[1].txt
C:\Documents and Settings\Kim\Cookies\kim@eas.apm.emediate[1].txt
C:\Documents and Settings\Kim\Cookies\kim@eas.apm.emediate[2].txt
C:\Documents and Settings\Kim\Cookies\kim@eas.apm.emediate[3].txt
C:\Documents and Settings\Kim\Cookies\kim@eas.apm.emediate[4].txt
C:\Documents and Settings\Kim\Cookies\kim@easy-hit-counters[1].txt
C:\Documents and Settings\Kim\Cookies\kim@findarticles[1].txt
C:\Documents and Settings\Kim\Cookies\kim@freefind[1].txt
C:\Documents and Settings\Kim\Cookies\kim@freefind[2].txt
C:\Documents and Settings\Kim\Cookies\kim@freefind[3].txt
C:\Documents and Settings\Kim\Cookies\kim@freefind[4].txt
C:\Documents and Settings\Kim\Cookies\kim@idgmedia.idg[1].txt
C:\Documents and Settings\Kim\Cookies\kim@imagesex[2].txt
C:\Documents and Settings\Kim\Cookies\kim@inthecrack[1].txt
C:\Documents and Settings\Kim\Cookies\kim@linkto.mediafire[1].txt
C:\Documents and Settings\Kim\Cookies\kim@media.intelia[1].txt
C:\Documents and Settings\Kim\Cookies\kim@mediacenter.smartlog[1].txt
C:\Documents and Settings\Kim\Cookies\kim@mediafire[1].txt
C:\Documents and Settings\Kim\Cookies\kim@mediamac.comon[2].txt
C:\Documents and Settings\Kim\Cookies\kim@mypornblog[2].txt
C:\Documents and Settings\Kim\Cookies\kim@pornpassforall[1].txt
C:\Documents and Settings\Kim\Cookies\kim@qxl.adservinginternational[1].txt
C:\Documents and Settings\Kim\Cookies\kim@server.iad.liveperson[2].txt
C:\Documents and Settings\Kim\Cookies\kim@server.iad.liveperson[3].txt
C:\Documents and Settings\Kim\Cookies\kim@stat.inleadmedia[1].txt
C:\Documents and Settings\Kim\Cookies\kim@stat.postdanmark[1].txt
C:\Documents and Settings\Kim\Cookies\kim@t3.trackalyzer[1].txt
C:\Documents and Settings\Kim\Cookies\kim@track.adform[2].txt
C:\Documents and Settings\Kim\Cookies\kim@track.adform[3].txt
C:\Documents and Settings\Kim\Cookies\kim@usenext[2].txt
C:\Documents and Settings\Kim\Cookies\kim@usenext[3].txt
C:\Documents and Settings\Kim\Cookies\kim@usenext[4].txt
C:\Documents and Settings\Kim\Cookies\kim@windowsmedia[1].txt
C:\Documents and Settings\Kim\Cookies\kim@www.comprabanner[1].txt
C:\Documents and Settings\Kim\Cookies\kim@www.comprabanner[3].txt
C:\Documents and Settings\Kim\Cookies\kim@www.extreme-teen-nipples[1].txt
C:\Documents and Settings\Kim\Cookies\kim@www.findingnevermore[1].txt
C:\Documents and Settings\Kim\Cookies\kim@www.fullreleases[1].txt
C:\Documents and Settings\Kim\Cookies\kim@www.fullreleases[2].txt
C:\Documents and Settings\Kim\Cookies\kim@www.inthecrack[1].txt
C:\Documents and Settings\Kim\Cookies\kim@www.netdebit-counter[2].txt
C:\Documents and Settings\Kim\Cookies\kim@www.thepornhost[2].txt
C:\Documents and Settings\Kim\Cookies\kim@www.verygoodfuck[2].txt
C:\Documents and Settings\Kim\Cookies\kim@www.warezquality[1].txt

BearShare File Sharing Client
C:\PROGRAMMER\BEARSHARE APPLICATIONS\BEARSHARE\BEARSHARE.EXE

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:47:31, on 17-12-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programmer\Fælles filer\Acronis\Schedule2\schedul2.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Analog Devices\Core\smax4pnp.exe
C:\Programmer\Fælles filer\Acronis\Schedule2\schedhlp.exe
C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\ATI Technologies\ATI.ACE\CLI.EXE
C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE
C:\Programmer\Google\Gmail Notifier\gnotify.exe
C:\Programmer\Multimedia Keyboard Driver\PS2USBKbdDrv.exe
C:\Programmer\Multimedia Mouse Driver\MouseDrv.exe
C:\Programmer\ATI Technologies\ATI.ACE\cli.exe
C:\Programmer\ATI Technologies\ATI.ACE\cli.exe
C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
C:\Documents and Settings\Kim\Skrivebord\PC rens\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmer\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmer\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programmer\Fælles filer\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programmer\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Programmer\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [WireLessMouse] C:\Programmer\Multimedia Mouse Driver\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-21-448539723-823518204-1801674531-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Familien')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-448539723-823518204-1801674531-1005 Startup: E-mail.lnk = ? (User 'Familien')
O4 - S-1-5-21-448539723-823518204-1801674531-1005 User Startup: E-mail.lnk = ? (User 'Familien')
O4 - Startup: E-mail.lnk = ?
O4 - Startup: Gmail Notifier.lnk = C:\Programmer\Google\Gmail Notifier\gnotify.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Gem formularer - file://C:\Programmer\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: RF værktøjslinie - file://C:\Programmer\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Tilpas RF menu - file://C:\Programmer\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Udfyld formularer - file://C:\Programmer\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - C:\Documents and Settings\Katrine\Skrivebord\adgangforalle.exe (file missing)
O9 - Extra 'Tools' menuitem: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - C:\Documents and Settings\Katrine\Skrivebord\adgangforalle.exe (file missing)
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {070CA17A-4BD2-4612-83B4-32B1B9159B47} - http://uc.sina.com.cn/download/live/weblive2.4.0.0.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install2.5/Installer.exe
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmer\Fælles filer\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programmer\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9902 bytes

********************************* ROOTCHK-(5-12-07)-LOG, by ejvindh
17-12-2007 22:48:28,54

The rootkits that are detected by this tool were not found.

********************************* ROOTCHK-LOG-end

catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-17 22:48:29
Windows 5.1.2600 Service Pack 2
scanning hidden processes ...

scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060d291d5]
"0019639fd8dc"=hex:a0,5e,5c,a1,c4,a8,13,67,5c,59,73,41,8c,9b,4e,b2
"001963da3353"=hex:86,a9,dc,82,35,fd,db,9f,19,8b,77,79,46,78,6d,12
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:629e1eca
"s2"=dword:af2412a3
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Programmer\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:23,a1,29,63,d5,01,20,18,92,ee,b8,02,b3,68,9d,62,b9,db,5e,61,81,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,13,9e,d3,1d,b8,96,dd,b9,cf,ec,66,8d,25,7b,8f,97,95,..
"khjeh"=hex:1c,a8,ca,ea,94,5a,21,87,26,a6,49,f2,17,b5,80,25,39,9c,07,97,9e,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:3b,ea,58,44,6c,05,b5,d3,00,a0,7b,7e,af,09,37,0f,73,f8,95,dd,0f,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001060d291d5]
"0019639fd8dc"=hex:a0,5e,5c,a1,c4,a8,13,67,5c,59,73,41,8c,9b,4e,b2
"001963da3353"=hex:86,a9,dc,82,35,fd,db,9f,19,8b,77,79,46,78,6d,12
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Programmer\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:23,a1,29,63,d5,01,20,18,92,ee,b8,02,b3,68,9d,62,b9,db,5e,61,81,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,13,9e,d3,1d,b8,96,dd,b9,cf,ec,66,8d,25,7b,8f,97,95,..
"khjeh"=hex:1c,a8,ca,ea,94,5a,21,87,26,a6,49,f2,17,b5,80,25,39,9c,07,97,9e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:3b,ea,58,44,6c,05,b5,d3,00,a0,7b,7e,af,09,37,0f,73,f8,95,dd,0f,..

scanning hidden registry entries ...

scanning hidden files ...

hidden processes: 0
hidden services: 0
hidden files: 0

ComboFix 07-12-15.5 - Kim 2007-12-17 22:52:27.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1030.18.1494 [GMT 1:00]
Running from: D:\Downloads\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-11-17 to 2007-12-17 )))))))))))))))))))))))))))))))
.

2007-12-15 23:09 . 2007-12-16 21:18 <DIR> d-------- C:\Programmer\SUPERAntiSpyware
2007-12-15 23:09 . 2007-12-15 23:09 <DIR> d-------- C:\Programmer\Fælles filer\Wise Installation Wizard
2007-12-15 23:09 . 2007-12-15 23:09 <DIR> d-------- C:\Documents and Settings\Kim\Application Data\SUPERAntiSpyware.com
2007-12-15 23:09 . 2007-12-15 23:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-12-15 17:18 . 2007-12-15 17:18 <DIR> d-------- C:\Documents and Settings\Katrine\Application Data\Politiken
2007-12-15 16:57 . 2007-12-15 16:57 <DIR> d-------- C:\Programmer\Polob32
2007-12-15 15:30 . 2007-12-15 15:31 <DIR> d-------- C:\Programmer\Fælles filer\Adobe
2007-12-08 20:31 . 2007-12-15 15:07 83 --a------ C:\WINDOWS\wwp.INI
2007-11-25 15:35 . 2007-11-25 15:35 <DIR> d-------- C:\Team17
2007-11-21 22:27 . 2007-11-21 22:27 <DIR> dr-h----- C:\Documents and Settings\Andreas\Application Data\SecuROM
2007-11-21 21:09 . 2006-02-20 13:25 17,536 --a------ C:\WINDOWS\system32\drivers\grmn0200.sys
2007-11-21 21:09 . 2003-09-23 15:42 17,024 --a------ C:\WINDOWS\system32\drivers\grmngen.sys
2007-11-21 21:09 . 2006-04-11 14:51 16,512 --a------ C:\WINDOWS\system32\drivers\grmn0400.sys
2007-11-21 21:09 . 2006-07-11 20:50 11,776 --a------ C:\WINDOWS\system32\drivers\grmn1200.sys
2007-11-21 21:09 . 2003-09-23 15:42 7,296 --a------ C:\WINDOWS\system32\drivers\grmnusb.sys
2007-11-18 22:11 . 2005-10-21 02:47 30,592 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2007-11-18 22:11 . 2005-10-21 02:47 12,800 --------- C:\WINDOWS\system32\drivers\usb8023x.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-17 21:48 --------- d-----w C:\Documents and Settings\Familien\Application Data\Skype
2007-12-15 22:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-14 23:01 --------- d-----w C:\Documents and Settings\Kim\Application Data\XnView
2007-12-13 14:34 --------- d-----w C:\Programmer\RadioCenter DataBase
2007-12-11 21:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-12-11 16:24 --------- d-----w C:\Documents and Settings\Kim\Application Data\wsInspector
2007-12-05 20:12 --------- d-----w C:\Documents and Settings\Kim\Application Data\uTorrent
2007-12-05 19:17 --------- d-----w C:\Programmer\Safari
2007-11-29 16:08 --------- d-----w C:\Programmer\Microsoft ActiveSync
2007-11-26 21:47 --------- d-----w C:\Documents and Settings\Familien\Application Data\wsInspector
2007-11-26 14:55 --------- d-----w C:\Programmer\Hide IP Platinum
2007-11-25 14:35 --------- d--h--w C:\Programmer\InstallShield Installation Information
2007-11-21 19:52 --------- d-----w C:\Documents and Settings\Familien\Application Data\uTorrent
2007-11-14 19:37 --------- d-----w C:\Programmer\iTunes
2007-11-14 19:37 --------- d-----w C:\Programmer\iPod
2007-11-14 19:36 --------- d-----w C:\Programmer\QuickTime
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-06 21:34 --------- d-----w C:\Programmer\WMR11
2007-11-06 19:34 --------- d-----w C:\Programmer\WinPcap
2007-11-03 21:38 --------- d-----w C:\Programmer\TVAnts
2007-11-03 20:26 --------- d-----w C:\Programmer\SopCast
2007-11-03 16:12 --------- d-----w C:\Programmer\TVUPlayer
2007-10-29 22:44 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 19:19 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2007-10-29 19:19 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_ggsemc_01005.Wdf
2007-10-28 16:45 19,424 ----a-w C:\WINDOWS\system32\drivers\ggsemc.sys
2007-10-28 16:45 1,419,232 ----a-w C:\WINDOWS\system32\wdfcoinstaller01005.dll
2007-10-28 16:44 --------- d-----w C:\Programmer\Sony Ericsson
2007-10-27 16:19 --------- d-----w C:\Programmer\Joost
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-24 11:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-10-22 17:32 --------- d-----w C:\Programmer\Picasa2
2007-10-20 15:26 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-10-03 20:37 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2005-09-09 18:55 7,155,864 ----a-w C:\Programmer\NGhost10.msi
2005-09-09 18:55 4,588,454 ----a-w C:\Programmer\setup.exe
2005-09-09 18:55 37,766,164 ----a-w C:\Programmer\Data1.cab
2005-09-09 18:55 35 ----a-w C:\Programmer\SCSSDist.ini
2007-01-20 23:27 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Lokale indstillinger\Oversigt\History.IE5\MSHist012007012120070122\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-17 18:13]
"SUPERAntiSpyware"="C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-04-23 15:46]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 12:52]
"SoundMAXPnP"="C:\Programmer\Analog Devices\Core\smax4pnp.exe" [2004-10-14 14:42]
"Acronis Scheduler2 Service"="C:\Programmer\Fælles filer\Acronis\Schedule2\schedhlp.exe" [2006-12-03 14:20]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"ATICCC"="C:\Programmer\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 09:12]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-17 18:12 C:\WINDOWS\system32\bthprops.cpl]
"WireLessKeyboard"="C:\Programmer\Multimedia Keyboard Driver\StartAutorun.exe" [2005-11-30 11:48]
"WireLessMouse"="C:\Programmer\Multimedia Mouse Driver\StartAutorun.exe" [2005-11-30 11:48]
"GrooveMonitor"="C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-09-17 18:13]
"Nokia.PCSync"="C:\Programmer\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 14:58]
"Picasa Media Detector"="C:\Programmer\Picasa2\PicasaMediaDetector.exe" [2006-12-12 01:36]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Programmer\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 14:39 294400]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmer\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programmer\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Programmer\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
2003-09-29 22:17 175616 --a------ C:\Programmer\SlySoft\AnyDVD\AnyDVD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Programmer\SlySoft\CloneCD\CloneCDTray.exe /s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ElbyCheckAnyDVD]
C:\Programmer\SlySoft\AnyDVD\ElbyCheck.exe /L AnyDVD

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2007-11-02 18:36 267048 --a------ C:\Programmer\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Programmer\QuickTime\qttask.exe -atboottime

R0 snapman;Acronis Snapshots Manager;C:\WINDOWS\system32\DRIVERS\snapman.sys
R0 timounter;Acronis TrueImage Backup Archive Explorer;C:\WINDOWS\system32\DRIVERS\timntr.sys
R2 tifsfilter;Acronis TrueImage FS Filter;C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
R3 PID_0920;Labtec WebCam(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM);C:\WINDOWS\system32\DRIVERS\se2Eunic.sys

*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2007-12-12 19:14:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmer\Apple Software Update\SoftwareUpdate.exe
"2007-12-13 18:00:00 C:\WINDOWS\Tasks\ashAvast.job"
- C:\Programmer\Alwil Software\Avast4\ashAvast.exe
"2007-12-14 18:00:00 C:\WINDOWS\Tasks\Stone's KopiKontrol.job"
"2007-12-17 16:45:28 C:\WINDOWS\Tasks\User_Feed_Synchronization-{9E9E857C-B2D2-483D-AC51-DAB6E460A07C}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-17 22:57:11
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-17 22:57:46
.
2007-11-14 18:22:14 --- E O F ---

Synes godt om

Computer Hjælp (Gratis) Mester

18. december 2007 - 07:27 #5

Hmmm... - har du på et tidspunkt leget med BEARSHARE + uTorrent ?

Vil ANBEFALE AFINSTALL af BEARSHARE + uTorrent !!!
Samt sletning af
C:\Documents and Settings\Kim\Application Data\uTorrent\ <- Hele mappen
C:\PROGRAMMER\uTorrent\ <- Hele mappen
C:\PROGRAMMER\BEARSHARE APPLICATIONS\ <- Hele mappen

Iøvrigt er du 'clean' ...

Registreringsdatabase oprydning kan anbefales ->
RegCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm (Specielt punktet [Register]...)
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller NEJ til den.

Synes godt om

Computer Hjælp (Gratis) Mester

18. december 2007 - 07:27 #6

Ping...
(Det var et [svar]...)

Synes godt om

kim-h Novice

18. december 2007 - 17:28 #7

De er slettet nu.
Tak for hjælpen.

Synes godt om

Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Følg dette spørgsmål

Opret Preview

Se alle it-kurser fra Computerworld Kurser

IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel	Indlæg	Oprettet	Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus	22	26/11/202510:42	23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus	8	31/08/202519:08	01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus	10	03/02/202514:20	04/02/202511:05
mulig ukendt virus Af jackie18 i Virus	3	18/01/202514:07	18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus	13	18/01/202511:40	20/01/202517:53

Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten

Seneste artiklerRSS