CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg
Cookie ikon
Avatar billede mollelone Nybegynder
03. august 2008 - 20:44 Der er 6 kommentarer

Msn virus - Vil nogen tjekke mine log filer?

Hejsa

Jeg har før fået hjælp til at fjerne min MSN virus. Dengang lavet jeg en scanning med Hijackthis og fik hjælp herinde fra. Det ser dog ud til at den ikke er fjernet helt. Har prøvet at køre msnvirrem, men den finder dog ikke noget. Men en af mine venner fra msn sagde forleden at jeg havde sendt ham et underligt link, hvilket jeg ikke selv havde. Så må stadig have den.

Har fulgt denne artikel af fromsej: http://www.eksperten.dk/artikler/1021

og får følgende log filer:

Ewido:
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at:    20:18:02 03-08-2008

+ Scan result:   



:mozilla.13:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.14:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.15:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.16:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.17:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.18:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.19:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.53:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.74:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.92:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.61:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.62:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.55:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.56:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.29:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.30:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.31:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.32:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.33:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.78:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.50:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.72:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Connextra : No action taken.
C:\Documents and Settings\Morten Holm\Cookies\morten holm@CAZT9KD4.txt -> TrackingCookie.Connextra : No action taken.
:mozilla.28:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.165:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.166:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.48:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Gemius : No action taken.
:mozilla.49:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Gemius : No action taken.
C:\Documents and Settings\Morten Holm\Cookies\morten_holm@hit.gemius[2].txt -> TrackingCookie.Gemius : No action taken.
C:\Documents and Settings\Morten Holm\Cookies\morten_holm@goldenpalace[2].txt -> TrackingCookie.Goldenpalace : No action taken.
:mozilla.40:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.
:mozilla.41:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.
:mozilla.156:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Information : No action taken.
C:\Documents and Settings\Morten Holm\Cookies\morten_holm@searchportal.information[1].txt -> TrackingCookie.Information : No action taken.
C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ivwbox[1].txt -> TrackingCookie.Ivwbox : No action taken.
:mozilla.77:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : No action taken.
C:\Documents and Settings\Morten Holm\Cookies\morten_holm@messagesignup.real[1].txt -> TrackingCookie.Real : No action taken.
:mozilla.124:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\Morten Holm\Cookies\morten_holm@site.skype[1].txt -> TrackingCookie.Skype : No action taken.
C:\Documents and Settings\Morten Holm\Cookies\morten_holm@skype[1].txt -> TrackingCookie.Skype : No action taken.
:mozilla.71:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.54:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Statistik-gallup : No action taken.
C:\Documents and Settings\Morten Holm\Cookies\morten_holm@statistik-gallup[1].txt -> TrackingCookie.Statistik-gallup : No action taken.
:mozilla.66:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.67:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.68:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.39:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.95:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Webtrends : No action taken.
C:\Documents and Settings\Morten Holm\Cookies\morten_holm@m.webtrends[1].txt -> TrackingCookie.Webtrends : No action taken.
:mozilla.22:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.23:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.140:C:\Documents and Settings\Morten Holm\Application Data\Mozilla\Firefox\Profiles\g9aiwlew.default\cookies.txt -> TrackingCookie.Zedo : No action taken.


::Report end

Superantispyware:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/03/2008 at 12:02 PM

Application Version : 4.0.1154

Core Rules Database Version : 3524
Trace Rules Database Version: 1514

Scan type      : Complete Scan
Total Scan Time : 02:03:03

Memory items scanned      : 206
Memory threats detected  : 0
Registry items scanned    : 8148
Registry threats detected : 0
File items scanned        : 30318
File threats detected    : 185

Adware.Tracking Cookie
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@advertising[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@bluestreak[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@memedia[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@trafficmp[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@secure.partyaccount[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ehg-zoomerang.hitbox[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@sterlingairlines.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@zedo[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@atdmt[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads2.jubii[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@e2.emediate[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@account.live[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@bwincom.122.2o7[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@partypoker[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@imrworldwide[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@mediawatch.vertikal[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@revsci[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@tipsbladet.banneradministration[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ad.yieldmanager[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ehg-deltatre.hitbox[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@edsa.122.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@apmebf[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@semlerit.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@politiken.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@hitbox[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@www.sexsygdomme[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ad1.emediate[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@server.iad.liveperson[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.beamfile[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@youporngay[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@adtech[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@media.adrevolver[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@media.adrevolver[3].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@stats.zmags[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@rezidor.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@adbrite[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@casalemedia[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@track.adform[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@mediaplex[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@server.lon.liveperson[3].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@youporn[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@phg.hitbox[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@server.lon.liveperson[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@eas4.emediate[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@adserver.adservinginternational[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@statse.webtrendslive[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@thomascookag.122.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ad.bolddk[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ad.zanox[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@bravenet[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@eas.apm.emediate[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@nielsen.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@doubleclick[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@asw.valueclick[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ehg-vcbs.hitbox[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@sonofoncybercity.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@autocom.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@earlyexperience.partyaccount[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.ookla[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@insightexpressai[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@statcounter[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@adrevolver[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@freefind[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@fastclick[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.pubmatic[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@www.burstnet[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@burstnet[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@as1.falkag[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@linksynergy[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@bs.serving-sys[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@nordea.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@telmore.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads-dev.youporn[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@adserver.admeen[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ehg.hitbox[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@valueclick[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@indextools[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@adfarm1.adition[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@serving-sys[3].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@server.iad.liveperson[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@kontera[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.revsci[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@socialmedia[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@tradedoubler[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@www.livewebstats[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ehg-adidas.hitbox[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@jobzonen.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@secure.partyaccount[3].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@247realmedia[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@wt.sexsearch[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ehg-machinas.hitbox[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ehg-wpt.hitbox[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@stepstone.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@secure.partyaccount[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@stat.katalysatormedia[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@banner.goldenpalace[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@adserver.adtech[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@realmedia[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@teliasonera.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.associatedcontent[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@adserver.banneradministration[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@traffictracker[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@tacoda[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@secure.partyaccount[5].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@webstat[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@danskespil.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.morethanaclub[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@secure.partyaccount[7].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@iframe.mediaplazza[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ehg-aarp.hitbox[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@tribalfusion[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ice.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ad.ofir[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@aller.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@mediawatch[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@int.sitestat[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@adfair[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@banner2.fynskemedier[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@bold.adservinginternational[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@adultfriendfinder[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.pointroll[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@falklauritsen.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@mediaservices.myspace[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@mediaprovider.adservinginternational[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@server.lon.liveperson[4].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ad.adtoma[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.mininova[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@youporngay[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@earlyexperience.partyaccount[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@tour.sexsearchcom[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ehg-fifa.hitbox[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@int.sitestat[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@int.sitestat[3].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@www2.mystats[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@adopt.euroclick[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@partygaming.122.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@tracking.notabenestats[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@divx.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ncom.banneradministration[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@www.googleadservices[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ehg-ladbrokes.hitbox[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@secure.partyaccount[4].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@magasindn.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@anad.tacoda[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@warez-dk[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.viaweb[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@clicktorrent[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.sun[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.dailyrush[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@partner.smartresponse-media[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.ozonemedia.co[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.brazzers[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@dtftravel.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.partnerlogic[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@toplist[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@atwola[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@tripod[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@usatoday1.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@sexsearchcom[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@revenue[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@avgtechnologies.112.2o7[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@files.youporn[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@specificclick[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@lenovo.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@indexstats[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.cnn[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@network.realmedia[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.mousesports[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ehg-nokiafin.hitbox[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@www.googleadservices[3].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@www.warez-dk[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@questionmarket[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@sexsygdomme[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ia.adserving[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@www.googleadservices[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.betbrain[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@ads.skisport[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@fotbollsexpressen[2].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@viasatsatelliteservices.112.2o7[1].txt
    C:\Documents and Settings\Morten Holm\Cookies\morten_holm@serving-sys[1].txt

Adware.Casino Games (Golden Palace Casino)
    C:\POKER\TITAN POKER\CASINO.EXE
    C:\DOCUMENTS AND SETTINGS\ALL USERS\MENUEN START\PROGRAMMER\TITAN POKER\TITAN POKER.LNK
    C:\DOCUMENTS AND SETTINGS\ALL USERS\MENUEN START\TITAN POKER.LNK

og endelig hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:30:07, on 03-08-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programmer\Fælles filer\Virtual Token\vtserver.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\IPSSVC.EXE
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\Programmer\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programmer\Comodo\Firewall\cmdagent.exe
C:\Programmer\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Programmer\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Fælles filer\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Programmer\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\Programmer\Fælles filer\Lenovo\Scheduler\tvtsched.exe
c:\programmer\lenovo\system update\suservice.exe
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Canon\CAL\CALMAIN.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe
C:\Programmer\IBM ThinkVantage\Client Security Solution\cssauth.exe
C:\Programmer\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe
C:\Programmer\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmer\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmer\Comodo\Firewall\cfp.exe
C:\Programmer\Fælles filer\Lenovo\Scheduler\scheduler_proxy.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.EXE
C:\Programmer\ewido anti-spyware 4.0\ewido.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\DNA\btdna.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
c:\programmer\fælles filer\installshield\updateservice\isuspm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\iPod\bin\iPodService.exe
c:\Programmer\Fælles filer\InstallShield\UpdateService\agent.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\3M\PSNLite\PsnLite.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Programmer\Fælles filer\Logishrd\KHAL2\KHALMNPR.EXE
C:\Programmer\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\notepad.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Morten Holm\Skrivebord\Alternativt\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmer\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\FÆLLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "c:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [cssauth] "C:\Programmer\IBM ThinkVantage\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [PDService.exe] "C:\Programmer\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Programmer\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [QCWLICON] C:\Programmer\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Programmer\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programmer\Comodo\Firewall\cfp.exe" -s
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Programmer\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Programmer\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Programmer\Fælles filer\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Programmer\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Programmer\DNA\btdna.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Programmer\3M\PSNLite\PsnLite.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send til &Bluetooth - C:\Programmer\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Opdatér ThinkPad-programmer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Programmer\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://betway.microgaming.com/betway/FlashAX2.cab
O16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} (Microsoft Common Dialog Control, version 6.0) - ms-its:C:\Programmer\The Tournament Director 2\TD.lib::/comdlg32.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{34DD755C-FB5D-4742-8C99-F7F8D845DA40}: NameServer = 212.242.40.3,212.242.40.51
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs:  C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmer\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Programmer\Comodo\Firewall\cmdagent.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Programmer\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmer\ewido anti-spyware 4.0\guard.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Ltd. - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programmer\Fælles filer\Logitech\Bluetooth\LBTServ.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: QCONSVC - Lenovo - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\programmer\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Programmer\Fælles filer\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Programmer\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Programmer\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Programmer\Fælles filer\Lenovo\Scheduler\tvtsched.exe
O23 - Service: Protector Suite Virtual Token (vtserver) - UPEK Inc. - C:\Programmer\Fælles filer\Virtual Token\vtserver.exe

--
End of file - 17078 bytes

Håber der er nogen derude der kan hjælpe?

Mvh Morten Holm
Avatar billede Computer Hjælp (Gratis) Mester
03. august 2008 - 21:31 #1
Så længe du (stadig?) kører med  [BitTorrent DNA] så er du selv ude om det!

Afinstaller

* BitTorrent DNA
Grrrrr... Det er jo lige meget hvor meget folk har på af sikkerhed/opdateringer. Hvis de først begynder at 'lege' med P2P programmer - eller retterer relutater derfra - så er det lige vidt !!!
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=40284

via
[Start][Indstilninger][Kontrolpanel][Tilføj/fjern programmer]

Genstart for at fuldføre afinstalationen...

---------------------------------------
Avatar billede Computer Hjælp (Gratis) Mester
03. august 2008 - 21:31 #2
Hent og instalér CCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller *NEJ* til den.
Lad programmer foretage en oprydning...

--------

Hent Malwarebytes Anti-Malware herfra:
http://www.besttechie.net/tools/mbam-setup.exe
Eller herfra ->
http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

Installer programmet - når det er gjort skal du lade programmet opdatere sig. Herefter åbner et vindue, hvor du skal flytte prikken til "Kør et fuldstændigt systemscan" - klik på Skan Knappen - lad programmet arbejde. Når det er færdig (det tager lidt tid afhængig af hvor meget du har på computeren).
Derefter - Tryk på "Vis resultater" knappen efter scanningen - og herefter tryk på "Fjern det valgte" - nu åbnes log'en og du skal gemme den et sted, hvor du kan finde den igen.
Kopier indholdet herind sammen med en frisk log fra HiJackThis...
Avatar billede mollelone Nybegynder
04. august 2008 - 15:41 #3
Jeg har nu afinstalleret Bittorrent og kørt CCleaner to gange, samt kørt en skanning med Malwarebytes Anti-Malware, som gav følgende log:

Malwarebytes' Anti-Malware 1.24
Database version: 1022
Windows 5.1.2600 Service Pack 2

15:36:45 04-08-2008
mbam-log-8-4-2008 (15-36-45).txt

Skan type: Fuldstændig skanning (C:\|R:\|)
Objekter skannet: 149940
Tid tilbagelagt: 1 hour(s), 5 minute(s), 31 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 2

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
C:\WINDOWS\system32\serauth1.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\serauth2.dll (Trojan.Agent) -> Quarantined and deleted successfully.


HiJackThis loggen:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:37:39, on 04-08-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programmer\Fælles filer\Virtual Token\vtserver.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\Programmer\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programmer\Comodo\Firewall\cmdagent.exe
C:\Programmer\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Programmer\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Fælles filer\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Programmer\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\Programmer\Fælles filer\Lenovo\Scheduler\tvtsched.exe
c:\programmer\lenovo\system update\suservice.exe
C:\Programmer\Canon\CAL\CALMAIN.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe
C:\Programmer\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Programmer\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Programmer\IBM ThinkVantage\Client Security Solution\cssauth.exe
C:\Programmer\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe
C:\Programmer\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmer\Comodo\Firewall\cfp.exe
C:\Programmer\Fælles filer\Lenovo\Scheduler\scheduler_proxy.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\ewido anti-spyware 4.0\ewido.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\IBM ThinkVantage\Client Security Solution\pwmgr.exe
C:\Programmer\Fælles filer\Logishrd\KHAL2\KHALMNPR.EXE
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\3M\PSNLite\PsnLite.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Programmer\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programmer\CCleaner\CCleaner.exe
C:\Programmer\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Morten Holm\Skrivebord\Alternativt\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmer\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\FÆLLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "c:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [cssauth] "C:\Programmer\IBM ThinkVantage\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [PDService.exe] "C:\Programmer\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Programmer\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [QCWLICON] C:\Programmer\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Programmer\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programmer\Comodo\Firewall\cfp.exe" -s
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Programmer\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Programmer\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Programmer\Fælles filer\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [!ewido] "C:\Programmer\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Programmer\3M\PSNLite\PsnLite.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send til &Bluetooth - C:\Programmer\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Opdatér ThinkPad-programmer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Programmer\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://betway.microgaming.com/betway/FlashAX2.cab
O16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} (Microsoft Common Dialog Control, version 6.0) - ms-its:C:\Programmer\The Tournament Director 2\TD.lib::/comdlg32.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{34DD755C-FB5D-4742-8C99-F7F8D845DA40}: NameServer = 212.242.40.3,212.242.40.51
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs:  C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmer\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Programmer\Comodo\Firewall\cmdagent.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Programmer\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmer\ewido anti-spyware 4.0\guard.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Ltd. - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programmer\Fælles filer\Logitech\Bluetooth\LBTServ.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: QCONSVC - Lenovo - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\programmer\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Programmer\Fælles filer\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Programmer\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Programmer\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Programmer\Fælles filer\Lenovo\Scheduler\tvtsched.exe
O23 - Service: Protector Suite Virtual Token (vtserver) - UPEK Inc. - C:\Programmer\Fælles filer\Virtual Token\vtserver.exe

--
End of file - 16774 bytes


Og mange tak for hjælpen :D
Avatar billede Computer Hjælp (Gratis) Mester
04. august 2008 - 16:09 #4
Det er vist en færdig instaleret IBM/LENOVO bærbar du har ? Typisk med en masse mere eller mindre unyttige elementer i opstarten...
(Men det ka' du evt. selv forsøge dig med vha MSConfig -> http://www.spywareinfo.dk/#/tip-og-tricks/msconfig.htm )

Lidt generel efterfølgende oprydning ->

Kør en scanning med Hijackthis,
Du får herunder nogle filer, som du skal fixe. Det, du skal gøre, er at sætte et flueben ud for disse filer. Når du har gjort det, så lukker du alle andre vinduer ned. Det er meget vigtigt at det eneste vindue, som er åbent er HijackThis vinduet. Husk også at lukke dette vindue, når du har markeret filerne. Nu må du fixe. Klik på Fix checked.

Det er disse, som skal fixes:

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)

Genstart normalt...

------------------------------------------------------------------------
Husk M$ ServicePack3 til XP -> http://www.microsoft.com/downloads/details.aspx?FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4&displaylang=da
Avatar billede mollelone Nybegynder
04. august 2008 - 16:51 #5
Det er nemlig lige præcis hvad jeg har. Og syns egentlig også den er lidt sløv i opstarten. Nogen prog du kan anbefale til ikke at starte op med windows?


tak for hjælpen endnu en gang :D
Avatar billede Computer Hjælp (Gratis) Mester
04. august 2008 - 17:41 #6
(Prøv dig frem med nævnte MSConfig - undtagen evt. skkerheds elementer/programmer)
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Ukendte filer på min Pc Af jonpet i Virus 10 03/02/202514:20 04/02/202511:05
mulig ukendt virus Af jackie18 i Virus 3 18/01/202514:07 18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus 13 18/01/202511:40 20/01/202517:53
Total AV Af Malm i Virus 10 16/01/202516:48 17/01/202520:47
pop up black friday Af Malm i Virus 12 22/11/202420:49 03/12/202411:04
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester



Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I går 21:37 Mistes nøglen til mit Wi-Fi Af valby i Internetforbindelser
I går 20:45 Magnus & Myggen - script error: Af Mathilde i Andet software
I går 19:10 Acer gaming bærbar Af Heidip i Windows
I går 11:46 Fra SQL tll em MPP fil Af per2edb i Access
04/0519:43 Prime Video Af Jette i Andet software
White papers
Flere white papers »


Premium
Teaser billede
Efter hård kamp er Danmarks bedste hacker fundet: Her er vinderne af De Danske Cybermesterskaber
Læs mere »
Sådan forsøgte it-chef Henrik Brix at lokke sine kolleger i en falsk phishing-fælde: Se hans snedige snyde-mail her
NNIT har fyret 100 medarbejdere - nedjusterer markant
Tredje store kæde ramt på to uger: Berømt varehus er udsat for det, der ligner et koordineret cyberangreb
Se alle »
Computerworld
Teaser billede
Ændring af OneDrive: Microsoft vil lokke brugere til at synkronisere personlige filer til arbejds-pc'er
Læs mere »
Apple har netop opdateret dit kort: København er nærmest blevet helt forandret
NIS2-loven enstemmigt vedtaget i Folketinget: Her er den nye lov - træder i kraft 1. juli
Efter 25 millioner solgte bøger bliver dansk bestseller nu til en mørk Netflix-serie
Se alle »
CIO
Teaser billede
NIS2-loven enstemmigt vedtaget i Folketinget: Her er den nye lov - træder i kraft 1. juli
Læs mere »
Her er priserne: Europæiske cloud-løsninger er langt billigere end de amerikanske giganter
Europæisk alternativ til Microsoft 365 oplever enorm interesse: Donald Trump og JD Vance giver det kæmpe boost
Her er Microsofts fem vigtigste løfter til Europa: Vil modstå Trump og indsætte særlig europæisk bestyrelse
Se alle »
Job & Karriere
Teaser billede
Den danske it-branche er på vagt: Hvad nu hvis Trump lukker for Microsoft 365 og AWS fra på mandag?
Læs mere »
Danske it-folk lokkes med store tiltrædelses-bonusser: Nu kan du score mere end 100.000 kroner ved at skrive under på ny jobkontrakt
Så meget tjener en dansk it-udvikler i gennemsnit om måneden: Forventer at få solide lønstigninger inden længe
Husk det her, når du skal købe it-løsninger næste gang: Vi er vidner til it-branchens største maskefald nogensinde
Se alle »
White paper
Teaser billede
Udnyt Genesys Cloud CX optimalt og styrk kundeoplevelsen
Læs mere »
Revolutionér kundeoplevelsen med AI og automatisering
Sådan: Virtualisering uden vendor lock-in og høje omkostninger
Cybersikkerhed 2025: Er din branche blandt de mest udsatte?
Se alle »

Events
Flere events »
White papers
Flere white papers »
IT-Kurser
Se alle vores it-kurser »