MSN Virus: Hjælp til logfiler

Hej Eksperter,

En af mine venner har desværre fået en MSN virus, hvilket jeg nu prøver at hjælpe hende af med.

Hun har fulgt følgende vejledning:
http://www.eksperten.dk/artikler/1021

Hvilket resulterede i følgende logfiler som jeg behøver hjælp til, hvad der skal renses i bl.a. HiJackThis.

- - - - -  - - - - - - EWIDO LOGFIL - - - - - - - - - - -
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on:            01:40:49, 20-01-2008
+ Report-Checksum:        B5385D87

+ Scan result:

    C:\Documents and Settings\Pernille\Cookies\pernille@ads10.bpath[1].txt -> Spyware.Cookie.Bpath : Cleaned with backup
    C:\Documents and Settings\Pernille\Cookies\pernille@ads14.bpath[1].txt -> Spyware.Cookie.Bpath : Cleaned with backup
    C:\Documents and Settings\Pernille\Cookies\pernille@com[1].txt -> Spyware.Cookie.Com : Cleaned with backup
    C:\Documents and Settings\Pernille\Cookies\pernille@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
    C:\Documents and Settings\Pernille\Cookies\pernille@trafic[1].txt -> Spyware.Cookie.Trafic : Cleaned with backup
    C:\Documents and Settings\Pernille\Cookies\pernille@www.myaffiliateprogram[2].txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup

::Report End


- - - - -  - - - - - - SAS LOGFIL - - - - - - - - - - -

SUPERAntiSpyware Scan Log
Generated 01/19/2008 at 11:22 PM

Application Version : 3.5.1016

Core Rules Database Version : 3384
Trace Rules Database Version: 1378

Scan type      : Complete Scan
Total Scan Time : 01:13:51

Memory items scanned      : 183
Memory threats detected  : 0
Registry items scanned    : 6372
Registry threats detected : 0
File items scanned        : 33074
File threats detected    : 127

Adware.Tracking Cookie
    C:\Documents and Settings\Pernille\Cookies\pernille@mediaonenetwork[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@rambler[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@smartadserver[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@specificclick[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ads.vg.basefarm[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@tracking.dc-storm[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@microsoftwllivemkt.112.2o7[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@questionmarket[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@perf.overture[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@warnerbrothersrecords.112.2o7[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@xiti[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@login.tracking101[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ads.adsag[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@anad.tacoda[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@s[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@serving-sys[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@server.iad.liveperson[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@adtech[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@2o7[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ad[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@eas.apm.emediate[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@pulz.banneradministration[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@mb[3].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@stat.katalysatormedia[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@bonnier.banneradministration[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@realmedia[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ads.l-word[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ads.contactmusic[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@cbs.112.2o7[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@mtg.banneradministration[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@web-stat[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ad1.emediate[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@6658999[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ads.as4x.tmcs[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@tacoda[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@trafficmp[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@tripod[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@oasc02.247realmedia[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@picturetheloan[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@www.burstbeacon[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@belnk[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@adserver[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@adopt.specificclick[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@tunefind[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ads.pointroll[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@adfair[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@atdmt[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@m1.webstats4u[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@track.adform[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ads.adbrite[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@eas4.emediate[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@dist.belnk[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@adopt.euroclick[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@advertising[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@adcentriconline[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@cgi-bin[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@overture[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@vialogoonline.112.2o7[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ad.ofir[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@mediablvd.us.intellitxt[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@1072674847[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@bs.serving-sys[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@a[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@tribalfusion[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@adbrite[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@atwola[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@revsci[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@banner.bolddk[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@adinterax[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@brightcove.112.2o7[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@1070527576[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@e2.emediate[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@saxoomis.122.2o7[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@members.tripod[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@adserver.banneradministration[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@tscounter[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@as1.falkag[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@wrigley.122.2o7[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@viacomedycentralrl.112.2o7[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@247realmedia[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@list[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@4.adbrite[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@track.webgains[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@adserve.v-store.co[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@monstersandcritics.advertserve[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@mediablvd[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@www.mediablvd[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@neocounter.neoworx-blog-tools[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@findbolig[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@windowsmedia[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ads.lookery[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ads2.jubii[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@1070926688[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ad.adtoma[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@tracking.notabenestats[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@jobzonen.112.2o7[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@keywordmax[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ads.guardian.co[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@www.searchenginetracking[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ad.zanox[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@audit.median[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@m1.webstats.motigo[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@rocku.adbureau[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@politiken.112.2o7[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ad.directanetworks[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@date.ventivmedia[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@cbsdigitalmedia.112.2o7[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@www.findbolig[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@adfarm1.adition[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@stat.onestat[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@data3.perf.overture[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@edsa.122.2o7[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@videoegg.adbureau[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@saxobfdk.122.2o7[2].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@acvs.mediaonenetwork[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ads.lookery[3].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@ads.softure[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@lastminute.112.2o7[1].txt
    C:\Documents and Settings\Pernille\Cookies\pernille@counter[2].txt
    C:\Documents and Settings\Pernille\Lokale indstillinger\Temp\Cookies\pernille@advertising[1].txt
    C:\Documents and Settings\Pernille\Lokale indstillinger\Temp\Cookies\pernille@atdmt[2].txt
    C:\Documents and Settings\Pernille\Lokale indstillinger\Temp\Cookies\pernille@msnportal.112.2o7[1].txt
    C:\WINDOWS\Temp\Cookies\pernille@adserver.banneradministration[1].txt
    C:\WINDOWS\Temp\Cookies\pernille@mtg.banneradministration[1].txt
    C:\WINDOWS\Temp\Cookies\pernille@track.adform[1].txt
    C:\WINDOWS\Temp\Cookies\pernille@tradedoubler[1].txt


- - - - -  - - - - - - HIJACKTHIS LOGFIL - - - - - - - - - - -

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:36:27, on 20-01-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmer\ewido\security suite\ewidoctrl.exe
C:\Programmer\ewido\security suite\ewidoguard.exe
C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
C:\Programmer\Network Associates\Common Framework\FrameworkService.exe
C:\Programmer\Network Associates\VirusScan\Mcshield.exe
C:\Programmer\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Programmer\Hp\HP Software Update\HPWuSchd2.exe
C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe
C:\Programmer\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmer\D-Tools\daemon.exe
C:\Programmer\Mindjet\MindManager 6\MMReminderService.exe
C:\Programmer\Network Associates\VirusScan\SHSTAT.EXE
C:\Programmer\Network Associates\Common Framework\UpdaterUI.exe
C:\Programmer\Fælles filer\Network Associates\TalkBack\TBMon.exe
C:\Programmer\QuickTime\QTTask.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
C:\Programmer\KNet Utility\KNet Utility.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\HPQ\SHARED\HPQWMI.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\OpenOffice.org 2.0\program\soffice.exe
C:\Programmer\OpenOffice.org 2.0\program\soffice.BIN
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\Pernille\Skrivebord\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar2.dll
O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Programmer\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Programmer\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmer\D-Tools\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [MMReminderService] C:\Programmer\Mindjet\MindManager 6\MMReminderService.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Programmer\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programmer\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Programmer\Fælles filer\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [xri] C:\WINDOWS\system32\xri.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [pdfSaver3] "C:\Programmer\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKCU\..\Run: [K-Net Utility] "C:\Programmer\KNet Utility\KNet Utility.exe" -winstart
O4 - HKCU\..\Run: [updateMgr] C:\Programmer\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmer\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Programmer\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - C:\Programmer\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - http://intern.diplom-is.dk/msrdp.cab
O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - D:\Player\__CDS2.DLL (file missing)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmer\ewido\security suite\ewidoguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmer\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Programmer\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Programmer\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Programmer\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Print Spooler Service (ybaie7ica2radu) - Unknown owner - C:\WINDOWS\system32\xri.exe

--
End of file - 11662 bytes


Der blev vist ikke fundet nogle problemer, da hun kørte Dr.Web og derfor er der ingen logfil derfra.
Kan i hjælpe med at rense det sidste ud via hijackthis, hvis der skulle være noget tilbage?

Tak for hjælpen,
Alexander Holm Viborg