Hej nva.
Tak for dit hurtige svar!
Har nu fixet dem i din første kommentar, og kørt alle programmerne i tråden!
Her er alle loggene!!
SuperAntiSpyware log!
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 05/13/2008 at 04:45 PM
Application Version : 4.0.1154
Core Rules Database Version : 3459
Trace Rules Database Version: 1450
Scan type : Complete Scan
Total Scan Time : 00:49:11
Memory items scanned : 169
Memory threats detected : 0
Registry items scanned : 4358
Registry threats detected : 0
File items scanned : 20283
File threats detected : 5
Adware.Tracking Cookie
C:\Documents and Settings\Rikke Nielsen\Cookies\rikke_nielsen@atdmt[1].txt
Trojan.Unclassified/AffiliateBundle
C:\DOCUMENTS AND SETTINGS\RIKKE NIELSEN\SKRIVEBORD\BACKUPS\BACKUP-20080513-153141-115.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2F5B5478-1EDD-4D80-BB77-D4BDB957066C}\RP15\A0001940.DLL
Trojan.VXGame-Variant/D
E:\GAMES\REFLEXIVE.ARCADE.GAMES.UNIVERSAL.KEYGEN-TSRH\REFLEXIVE.ARCADE.GAMES.UNIVERSAL.KEYGEN-TSRH.EXE
Adware.ClickSpring/Yazzle
E:\SDK\SUDOKUINSTALL.EXE
ComboFix log
ComboFix 08-05-12.1 - Rikke Nielsen 2008-05-13 17:00:29.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1030.18.1529 [GMT 2:00]
Running from: C:\Documents and Settings\Rikke Nielsen\Skrivebord\Ny mappe\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((( Files Created from 2008-04-13 to 2008-05-13 )))))))))))))))))))))))))))))))
.
2008-05-13 15:45 . 2008-05-13 15:51 <DIR> d-------- C:\Programmer\SUPERAntiSpyware
2008-05-13 15:45 . 2008-05-13 15:45 <DIR> d-------- C:\Documents and Settings\Rikke Nielsen\Application Data\SUPERAntiSpyware.com
2008-05-13 15:45 . 2008-05-13 15:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-05-13 15:38 . 2008-05-13 15:38 <DIR> d-------- C:\Programmer\CCleaner
2008-05-13 15:36 . 2008-05-13 15:36 147,456 --a------ C:\VundoFix.exe
2008-05-12 23:36 . 2008-05-13 16:55 <DIR> d-------- C:\Programmer\WinClamAVShield
2008-05-12 23:20 . 2008-05-13 10:17 <DIR> d-------- C:\Programmer\Spyware Terminator
2008-05-12 23:20 . 2008-05-13 10:17 <DIR> d-------- C:\Documents and Settings\Rikke Nielsen\Application Data\Spyware Terminator
2008-05-12 23:20 . 2008-05-13 00:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-05-12 23:20 . 2008-05-12 23:20 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-05-12 23:18 . 2008-05-12 23:23 <DIR> d-------- C:\Programmer\SpywareGuard
2008-05-12 21:23 . 2008-05-13 15:45 <DIR> d-------- C:\Programmer\Fælles filer\Wise Installation Wizard
2008-05-11 20:57 . 2008-05-11 20:57 <DIR> d-------- C:\Programmer\C-Media 3D Audio
2008-05-11 20:57 . 2004-09-04 04:31 2,596,864 --a------ C:\WINDOWS\system\cmicnfg.cpl
2008-05-11 20:35 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-11 20:12 . 2008-05-11 20:12 <DIR> d-------- C:\Programmer\Lavalys
2008-05-11 20:02 . 2008-05-11 20:02 9,963 --a------ C:\WINDOWS\Ascd_tmp.ini
2008-05-11 20:02 . 2004-04-29 01:26 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2008-05-11 19:56 . 2008-05-11 19:56 278,728 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
2008-05-11 19:56 . 2008-05-11 19:56 25,416 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
2008-05-11 19:55 . 2008-05-11 19:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-05-11 19:54 . 2008-05-11 19:55 <DIR> d-------- C:\Programmer\Fælles filer\Jasc Software Inc
2008-05-11 19:54 . 2008-05-11 19:54 <DIR> d-------- C:\Documents and Settings\Rikke Nielsen\Application Data\Jasc Software Inc
2008-05-11 19:52 . 2008-05-11 19:54 <DIR> d-------- C:\Programmer\Jasc Software Inc
2008-05-11 19:51 . 2008-05-11 19:51 <DIR> d-------- C:\Elektrogames
2008-05-11 19:50 . 2008-05-11 19:50 <DIR> d-------- C:\Programmer\DAEMON Tools
2008-05-11 13:31 . 2008-05-11 13:31 <DIR> d-------- C:\Programmer\MSXML 4.0
2008-05-11 12:40 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-05-11 12:40 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-05-11 12:40 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-05-11 01:50 . 2008-05-11 01:50 611,064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-05-11 01:10 . 2008-05-11 01:10 <DIR> d-------- C:\WINDOWS\The Game of Life - Path to Success
2008-05-11 01:10 . 2008-05-11 01:10 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-05-10 21:26 . 2008-05-10 21:26 376 --a------ C:\WINDOWS\ODBC.INI
2008-05-10 21:25 . 2008-05-10 21:25 <DIR> d-------- C:\Programmer\Microsoft ActiveSync
2008-05-10 21:24 . 2008-05-10 21:25 <DIR> d-------- C:\WINDOWS\ShellNew
2008-05-10 21:08 . 2008-05-10 21:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\e-Safekey
2008-05-10 20:02 . 2008-05-10 20:02 <DIR> d-------- C:\WINDOWS\Sun
2008-05-10 20:01 . 2008-05-11 20:35 <DIR> d-------- C:\Programmer\Java
2008-05-10 20:00 . 2008-05-10 20:00 <DIR> d-------- C:\Programmer\Fælles filer\Java
2008-05-10 19:44 . 2008-05-10 19:44 <DIR> d-------- C:\Documents and Settings\Rikke Nielsen\Application Data\SecondLife
2008-05-10 19:44 . 2008-05-10 19:44 24 --a------ C:\url_history.xml
2008-05-10 19:43 . 2008-05-10 19:44 <DIR> d-------- C:\Programmer\SecondLife
2008-05-10 18:31 . 2008-05-11 01:51 <DIR> d-------- C:\Documents and Settings\Rikke Nielsen\Application Data\Azureus
2008-05-10 18:31 . 2008-05-10 18:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Azureus
2008-05-10 17:57 . 2008-05-10 17:57 <DIR> d-------- C:\Documents and Settings\Rikke Nielsen\Application Data\SPAMfighter
2008-05-10 17:56 . 2008-05-13 16:55 <DIR> d-------- C:\Programmer\SPAMfighter
2008-05-10 17:56 . 2008-05-10 17:56 <DIR> d-------- C:\Programmer\Fælles filer\Application
2008-05-10 17:56 . 2008-05-10 17:56 <DIR> d-------- C:\Programmer\Fælles filer\Ankiro
2008-05-10 17:52 . 2008-05-10 17:52 <DIR> d-------- C:\Documents and Settings\Rikke Nielsen\Application Data\vlc
2008-05-10 17:45 . 2008-05-10 17:45 <DIR> d-------- C:\Programmer\VideoLAN
2008-05-10 17:44 . 2008-05-13 15:46 <DIR> d-------- C:\WINDOWS\CAVTemp
2008-05-10 17:44 . 2008-05-11 01:51 <DIR> d-------- C:\Programmer\PeerGuardian2
2008-05-10 17:40 . 2008-05-10 17:40 <DIR> d-------- C:\Programmer\Azureus
2008-05-10 17:29 . 2008-05-10 17:29 <DIR> d-------- C:\Documents and Settings\Rikke Nielsen\Application Data\Talkback
2008-05-10 17:28 . 2008-05-11 01:42 3,401 --a------ C:\WINDOWS\mozver.dat
2008-05-10 17:28 . 2008-05-10 17:28 0 --a------ C:\WINDOWS\nsreg.dat
2008-05-10 17:15 . 2008-05-10 17:42 <DIR> d-------- C:\Documents and Settings\Rikke Nielsen\Contacts
2008-05-10 17:13 . 2008-05-10 17:13 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-05-10 17:09 . 2008-05-10 17:13 <DIR> d-------- C:\Programmer\Windows Live
2008-05-10 17:09 . 2008-05-10 17:13 <DIR> d--hsc--- C:\Programmer\Fælles filer\WindowsLiveInstaller
2008-05-10 17:09 . 2008-05-10 17:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-11 18:57 --------- d--h--w C:\Programmer\InstallShield Installation Information
2008-05-11 17:54 --------- d-----w C:\Programmer\Fælles filer\InstallShield
2008-05-10 14:56 --------- d-----w C:\Documents and Settings\Rikke Nielsen\Application Data\ATI
2008-05-10 14:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\ATI
2008-05-10 14:55 879,832 ----a-w C:\WINDOWS\system32\drivers\VetEFile.sys
2008-05-10 14:55 26,787 ----a-w C:\WINDOWS\system32\drivers\vetmonnt.sys
2008-05-10 14:55 108,360 ----a-w C:\WINDOWS\system32\drivers\VetEBoot.sys
2008-05-10 14:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\CA
2008-05-10 14:54 74,864 ----a-w C:\WINDOWS\system32\VetRedir.dll
2008-05-10 14:54 21,031 ----a-w C:\WINDOWS\system32\drivers\Vet-Filt.sys
2008-05-10 14:54 15,735 ----a-w C:\WINDOWS\system32\drivers\VetFDDNT.sys
2008-05-10 14:54 15,478 ----a-w C:\WINDOWS\system32\drivers\Vet-Rec.sys
2008-05-10 14:54 115,824 ----a-w C:\WINDOWS\UnVet32.exe
2008-05-10 14:54 111,728 ----a-w C:\WINDOWS\AVShlExt.dll
2008-05-10 14:54 --------- d-----w C:\Programmer\CA
2008-05-10 14:37 --------- d-----w C:\Programmer\MSXML 6.0
2008-05-10 14:30 --------- d-----w C:\Programmer\ATI Technologies
2008-05-10 13:07 --------- d-----w C:\Programmer\microsoft frontpage
2008-05-10 13:05 --------- d-----w C:\Programmer\Onlinetjenester
2008-05-10 13:04 --------- d-----w C:\Programmer\Fælles filer\Tjenester
2008-03-29 06:21 2,873,856 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-03-29 05:19 9,801,728 ----a-w C:\WINDOWS\system32\atioglx2.dll
2008-03-29 04:40 167,936 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-03-29 04:05 372,736 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-03-29 04:04 299,008 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-03-29 03:56 172,032 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-03-29 03:56 126,976 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-03-29 03:55 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-03-29 03:55 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-03-29 03:55 126,976 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-03-29 03:54 536,576 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-03-29 03:52 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-03-29 03:43 3,176,480 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-03-29 03:39 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-03-29 03:36 1,765,120 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-03-29 03:24 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-03-29 03:23 5,439,488 ----a-w C:\WINDOWS\system32\atioglxx.dll
2008-03-29 03:21 393,216 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-03-29 03:19 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-03-29 03:18 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-03-29 03:12 520,192 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-03-28 19:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
2008-03-20 08:09 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:37 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1FC54CF8-19C5-4009-9C87-77CD1222A7D8}]
C:\WINDOWS\system32\ssqRIYqr.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-27 14:00 15360]
"MsnMsgr"="C:\Programmer\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"MSMSGS"="C:\Programmer\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"SUPERAntiSpyware"="C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"CaAvTray"="C:\Programmer\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe" [2008-05-10 16:54 230512]
"CAVRID"="C:\Programmer\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe" [2008-05-10 16:54 185456]
"SPAMfighter Agent"="C:\Programmer\SPAMfighter\SFAgent.exe" [2008-04-29 14:49 321160]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"DAEMON Tools"="C:\Programmer\DAEMON Tools\daemon.exe" [2006-09-14 22:09 157592]
"SpywareTerminator"="C:\Programmer\Spyware Terminator\SpywareTerminatorShield.exe" [2008-05-12 23:20 1817600]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-27 14:00 15360]
C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
Microsoft Office.lnk - C:\Programmer\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{1FC54CF8-19C5-4009-9C87-77CD1222A7D8}"= C:\WINDOWS\system32\ssqRIYqr.dll [ ]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmer\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programmer\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmer\\Windows Live\\Messenger\\livecall.exe"=
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-05-12 23:20]
R2 SPAMfighter Update Service;SPAMfighter Update Service;C:\Programmer\SPAMfighter\sfus.exe [2008-04-29 14:49]
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-05-13 17:05:17
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CaAvTray"="\"C:\\Programmer\\CA\\eTrust EZ Armor\\eTrust EZ Antivirus\\CAVTray.exe\""
.
Completion time: 2008-05-13 17:07:06
ComboFix-quarantined-files.txt 2008-05-13 15:06:37
Pre-Run: 21,882,671,104 byte ledig
Post-Run: 22,003,343,360 byte ledig
182 --- E O F --- 2008-05-12 12:50:48
Vundofix fandt ikke noget
her er den sidste HJT log lige kørt!
Logfile of HijackThis v1.99.1
Scan saved at 17:32:08, on 13-05-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
C:\Programmer\SPAMfighter\sfus.exe
C:\Programmer\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\Programmer\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe
C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programmer\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
C:\Programmer\SPAMfighter\SFAgent.exe
C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe
C:\Programmer\DAEMON Tools\daemon.exe
C:\Programmer\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmer\Windows Live\Messenger\usnsvc.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Rikke Nielsen\Skrivebord\Ny mappe\alternativ.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.soendermarkskolen.skoleintra.dk/Infoweb/Designskabelon1/Rammeside.asp?Action=&Side=&Klasse=&Id=&Startside=&ForumID=R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {1FC54CF8-19C5-4009-9C87-77CD1222A7D8} - C:\WINDOWS\system32\ssqRIYqr.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [CaAvTray] "C:\Programmer\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Programmer\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Programmer\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmer\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programmer\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone:
http://www.ca.comO15 - Trusted Zone:
http://www.danskebank.dkO16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) -
https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cabO18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Programmer\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Programmer\SPAMfighter\sfus.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmer\Spyware Terminator\sp_rsser.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Programmer\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
