Har fået noget via MSN
Hej eksperterMin datter fik en fil på MSN. Det var en zip-fil. Den åbnede hun. Der var et billede i. Det åbnede hun. Og siden har maskinen gjort ting, vi ikke kan lide. Vi har Avast-antivirus.
Avast e-postskanner-ikonet står jævnt hen og blafrer nede i programbakken. Men vi kan ikke nå at læse, hvad det er, den sender eller modtager.
Filen, hun modtog hed img_397-jpeg.zip (108 KB).
Efter at have fulgt vejledningen i fromsejs 'SuperAntiSpyware (kombineret med Dr.Web)'-artikel http://www.eksperten.dk/artikler/954 har jeg startet maskinen i normal tilstand. Og nu er der ro. Avast står ikke hele tiden og viser at der sendes post. Puha!
Men jeg står nu med tre logfiler. Er der nogen, der godt vil kigge dem igennem og hjælpe mig med at fjerne eventuelle overlevende virus, adware og orme?
På forhånd tak for det store arbejde, I udfører her på siden.
mvh
Jørn Hansen
*** Kørsel af DrWeb
******************************
Process.exe;C:\Documents and Settings\Marie\Skrivebord\MSNFix\incl;Tool.Prockill;Renamed.;
POSTOOBE.NEC;C:\DRIVERS;VBS.Generic.278;Deleted.;
CTMDEngU.dll;C:\Programmer\Creative\ZENcast Organizer;Adware.BookedSpace.origin;Renamed.;
A0039965.exe;C:\System Volume Information\_restore{4D25720C-D913-4297-878B-534CFAB8E819}\RP263;Tool.Prockill;Renamed.;
A0039966.dll;C:\System Volume Information\_restore{4D25720C-D913-4297-878B-534CFAB8E819}\RP263;Adware.BookedSpace.origin;Renamed.;
*** Kørsel af SuperAntiSpyware
******************************
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 01/18/2008 at 07:19 AM
Application Version : 3.9.1008
Core Rules Database Version : 3380
Trace Rules Database Version: 1374
Scan type : Complete Scan
Total Scan Time : 01:12:13
Memory items scanned : 222
Memory threats detected : 0
Registry items scanned : 6131
Registry threats detected : 0
File items scanned : 40348
File threats detected : 129
Adware.Tracking Cookie
C:\Documents and Settings\Marie\Cookies\marie@fastclick[2].txt
C:\Documents and Settings\Marie\Cookies\marie@www.googleadservices[5].txt
C:\Documents and Settings\Marie\Cookies\marie@statse.webtrendslive[2].txt
C:\Documents and Settings\Marie\Cookies\marie@stat.inleadmedia[1].txt
C:\Documents and Settings\Marie\Cookies\marie@media.mtvnservices[2].txt
C:\Documents and Settings\Marie\Cookies\marie@hit.stat[1].txt
C:\Documents and Settings\Marie\Cookies\marie@m1.webstats.motigo[1].txt
C:\Documents and Settings\Marie\Cookies\marie@mybannercreator[2].txt
C:\Documents and Settings\Marie\Cookies\marie@atwola[2].txt
C:\Documents and Settings\Marie\Cookies\marie@specificclick[2].txt
C:\Documents and Settings\Marie\Cookies\marie@ad.adocean[2].txt
C:\Documents and Settings\Marie\Cookies\marie@revsci[2].txt
C:\Documents and Settings\Marie\Cookies\marie@www.googleadservices[3].txt
C:\Documents and Settings\Marie\Cookies\marie@mediaplex[1].txt
C:\Documents and Settings\Marie\Cookies\marie@ads.pointroll[1].txt
C:\Documents and Settings\Marie\Cookies\marie@questionmarket[2].txt
C:\Documents and Settings\Marie\Cookies\marie@spamfighter.112.2o7[1].txt
C:\Documents and Settings\Marie\Cookies\marie@bs.serving-sys[1].txt
C:\Documents and Settings\Marie\Cookies\marie@ads[1].txt
C:\Documents and Settings\Marie\Cookies\marie@adtech[1].txt
C:\Documents and Settings\Marie\Cookies\marie@precisionclick[1].txt
C:\Documents and Settings\Marie\Cookies\marie@advertising[2].txt
C:\Documents and Settings\Marie\Cookies\marie@imrworldwide[1].txt
C:\Documents and Settings\Marie\Cookies\marie@track.adform[1].txt
C:\Documents and Settings\Marie\Cookies\marie@shinystat[2].txt
C:\Documents and Settings\Marie\Cookies\marie@doubleclick[2].txt
C:\Documents and Settings\Marie\Cookies\marie@list[1].txt
C:\Documents and Settings\Marie\Cookies\marie@statcounter[1].txt
C:\Documents and Settings\Marie\Cookies\marie@burstnet[1].txt
C:\Documents and Settings\Marie\Cookies\marie@www.googleadservices[6].txt
C:\Documents and Settings\Marie\Cookies\marie@gamefinder.disney.go[1].txt
C:\Documents and Settings\Marie\Cookies\marie@eyewonder[1].txt
C:\Documents and Settings\Marie\Cookies\marie@clickbank[1].txt
C:\Documents and Settings\Marie\Cookies\marie@ehg-bskyb.hitbox[2].txt
C:\Documents and Settings\Marie\Cookies\marie@telmore.112.2o7[1].txt
C:\Documents and Settings\Marie\Cookies\marie@atdmt[3].txt
C:\Documents and Settings\Marie\Cookies\marie@www.burstnet[1].txt
C:\Documents and Settings\Marie\Cookies\marie@ehg-twi.hitbox[1].txt
C:\Documents and Settings\Marie\Cookies\marie@2o7[1].txt
C:\Documents and Settings\Marie\Cookies\marie@eas4.emediate[1].txt
C:\Documents and Settings\Marie\Cookies\marie@www.googleadservices[4].txt
C:\Documents and Settings\Marie\Cookies\marie@www.zanox-affiliate[2].txt
C:\Documents and Settings\Marie\Cookies\marie@saxocom.112.2o7[1].txt
C:\Documents and Settings\Marie\Cookies\marie@hitbox[2].txt
C:\Documents and Settings\Marie\Cookies\marie@ad.yieldmanager[2].txt
C:\Documents and Settings\Marie\Cookies\marie@ads.myyearbook[1].txt
C:\Documents and Settings\Marie\Cookies\marie@ad1.emediate[2].txt
C:\Documents and Settings\Marie\Cookies\marie@www5.addfreestats[1].txt
C:\Documents and Settings\Marie\Cookies\marie@tradedoubler[2].txt
C:\Documents and Settings\Marie\Cookies\marie@track.webgains[1].txt
C:\Documents and Settings\Marie\Cookies\marie@toplist[1].txt
C:\Documents and Settings\Marie\Cookies\marie@serving-sys[1].txt
C:\Documents and Settings\Marie\Cookies\marie@tacoda[2].txt
C:\Documents and Settings\Marie\Cookies\marie@eas.apm.emediate[1].txt
C:\Documents and Settings\Marie\Cookies\marie@saxoomis.122.2o7[1].txt
C:\Documents and Settings\Marie\Cookies\marie@overture[1].txt
C:\Documents and Settings\Marie\Cookies\marie@ehg-oreilly.hitbox[2].txt
C:\Documents and Settings\Hanne\Cookies\hanne@imrworldwide[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@2o7[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@ad.yieldmanager[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@ad1.emediate[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@adbrite[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@adopt.specificclick[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@ads.adbrite[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@adserver.banneradministration[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@advertising[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@as-eu.falkag[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@as1.falkag[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@atdmt[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@banner.fynskemedier[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@bluestreak[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@bs.serving-sys[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@casalemedia[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@cbs.112.2o7[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@counter.hitslink[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@eas.apm.emediate[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@eas4.emediate[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@edsa.122.2o7[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@ehg-techtarget.hitbox[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@ehg-ti.hitbox[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@fastclick[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@fortunecity[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@hitbox[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@ilead.itrack[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@imrworldwide[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@indextools[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@jobzonen.112.2o7[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@mediaplex[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@msnportal.112.2o7[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@ncom.banneradministration[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@questionmarket[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@revenue[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@revsci[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@saxobfdk.122.2o7[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@serving-sys[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@specificclick[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@statcounter[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@tacoda[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@track.adform[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@tracking.notabenestats[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@tradedoubler[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@tribalfusion[1].txt
C:\Documents and Settings\Jorn\Cookies\jorn@www.googleadservices[2].txt
C:\Documents and Settings\Jorn\Cookies\jorn@www.jobfinder[1].txt
C:\Documents and Settings\Marie\Cookies\marie@3.adbrite[2].txt
C:\Documents and Settings\Marie\Cookies\marie@4.adbrite[2].txt
C:\Documents and Settings\Marie\Cookies\marie@ad.uk.tangozebra[1].txt
C:\Documents and Settings\Marie\Cookies\marie@ad.zanox[1].txt
C:\Documents and Settings\Marie\Cookies\marie@ads.aol.co[2].txt
C:\Documents and Settings\Marie\Cookies\marie@ads.cartoonnetwork[1].txt
C:\Documents and Settings\Marie\Cookies\marie@ads2.jubii[1].txt
C:\Documents and Settings\Marie\Cookies\marie@as1.falkag[1].txt
C:\Documents and Settings\Marie\Cookies\marie@atdmt[1].txt
C:\Documents and Settings\Marie\Cookies\marie@casalemedia[1].txt
C:\Documents and Settings\Marie\Cookies\marie@cbs.112.2o7[1].txt
C:\Documents and Settings\Marie\Cookies\marie@dhs.click2dial[2].txt
C:\Documents and Settings\Marie\Cookies\marie@e2.emediate[2].txt
C:\Documents and Settings\Marie\Cookies\marie@edsa.122.2o7[1].txt
C:\Documents and Settings\Marie\Cookies\marie@imrworldwide[2].txt
C:\Documents and Settings\Marie\Cookies\marie@lenovo.112.2o7[1].txt
C:\Documents and Settings\Marie\Cookies\marie@m1.webstats4u[1].txt
C:\Documents and Settings\Marie\Cookies\marie@media.adrevolver[1].txt
C:\Documents and Settings\Marie\Cookies\marie@ncom.banneradministration[2].txt
C:\Documents and Settings\Marie\Cookies\marie@saxobfdk.122.2o7[1].txt
C:\Documents and Settings\Marie\Cookies\marie@smileycentral[2].txt
C:\Documents and Settings\Marie\Cookies\marie@tribalfusion[1].txt
C:\Documents and Settings\Marie\Cookies\marie@www.googleadservices[1].txt
C:\Documents and Settings\Marie\Cookies\marie@www.googleadservices[2].txt
C:\Documents and Settings\Marie\Cookies\marie@zedo[1].txt
*** HiJackThis
***********************
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:29:36, on 18-01-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Programmer\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Programmer\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Programmer\ewido\security suite\ewidoctrl.exe
C:\Programmer\ewido\security suite\ewidoguard.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Intel\Wireless\Bin\OProtSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Programmer\TortoiseSVN\bin\TSVNCache.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Apps\Powercinema\PCMService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmer\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmer\Intel\Wireless\Bin\EOUWiz.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Picasa2\PicasaMediaDetector.exe
C:\Programmer\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Programmer\Fælles filer\Teleca Shared\CapabilityManager.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\entvnvaqmu.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\OpenOffice.org 2.2\program\soffice.exe
C:\Programmer\OpenOffice.org 2.2\program\soffice.BIN
C:\drweb\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programmer\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programmer\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IE DOM Explorer - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Programmer\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O3 - Toolbar: Developer Toolbar - {CC962137-2E78-4f94-975E-FC0C07DBD78F} - C:\Programmer\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Genvej til egenskabsside for High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Programmer\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Programmer\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Programmer\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Programmer\Samsung\SamsungMediaStudio4.1\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Programmer\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Programmer\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [vfdccgnsc] C:\WINDOWS\system32\vfdccgnsc.exe
O4 - HKLM\..\Run: [entvnvaqmu] C:\WINDOWS\system32\entvnvaqmu.exe
O4 - HKLM\..\RunServices: [entvnvaqmu] C:\WINDOWS\system32\entvnvaqmu.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Programmer\OpenOffice.org 2.1\program\quickstart.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Programmer\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: HP Klipsamling - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programmer\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart markering - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programmer\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\dan.htm
O16 - DPF: LearnKey LTF Applet - file:///C:/WINDOWS/system32/lktest.cab
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.portalbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.10.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1171562397098
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://tst.klubif.dk/admin/Editors/Upload/XUpload.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programmer\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmer\ewido\security suite\ewidoguard.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Print Spooler Service (o4u8koeanywoa) - Unknown owner - C:\WINDOWS\system32\vfdccgnsc.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\Programmer\xampp\service.exe (file missing)
--
End of file - 12235 bytes
