Hjølp til log-filer
Malwarebytes' Anti-Malware 1.36Database version: 1989
Windows 6.0.6001 Service Pack 1
16-04-2009 17:54:00
mbam-log-2009-04-16 (17-54-00).txt
Skan type: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 253335
Tid tilbagelagt: 5 hour(s), 54 minute(s), 0 second(s)
Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0
Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)
Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)
Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)
Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)
Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)
Inficerede Mapper:
(Ingen mistænkelige filer fundet)
Inficerede Filer:
(Ingen mistænkelige filer fundet)
______________________________________________________________
ComboFix 09-04-17.01 - Tina Nissen 16-04-2009 18:49:01.2 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.45.1030.18.3002.2546 [GMT 2:00]
Kører fra: C:\Users\Tina Nissen\Desktop\spywarefri\ComboFix.exe
.
((((((((((((((((((((((((((((( Filer skabt fra 2009-03-17 til 2009-04-17 )))))))))))))))))))))))))))))))))))
.
2009-04-16 16:46:06 . 2009-04-16 16:46:50 248715283 ----a-w C:\Windows\MEMORY.DMP
2009-04-16 09:58:50 . 2009-04-16 09:58:50 0 d-----w C:\Users\Tina Nissen\AppData\Roaming\Malwarebytes
2009-04-16 09:58:48 . 2009-04-06 13:32:46 15504 ----a-w C:\Windows\system32\drivers\mbam.sys
2009-04-16 09:58:45 . 2009-04-06 13:32:54 38496 ----a-w C:\Windows\system32\drivers\mbamswissarmy.sys
2009-04-16 09:58:44 . 2009-04-16 09:58:44 0 d-----w C:\Users\All Users\Malwarebytes
2009-04-16 09:58:44 . 2009-04-16 09:58:44 0 d-----w C:\ProgramData\Malwarebytes
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-16 16:39:03 . 2009-02-08 22:05:57 0 d-----w C:\Users\Tina Nissen\AppData\Roaming\Skype
2009-04-16 16:38:43 . 2009-02-09 09:20:26 0 d-----w C:\Users\Tina Nissen\AppData\Roaming\skypePM
2009-04-16 16:37:56 . 2008-12-30 10:20:27 68824 ----a-w C:\Users\Tina Nissen\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-16 09:58:49 . 2009-04-16 09:58:44 0 d-----w C:\Program Files\Malwarebytes' Anti-Malware
2009-04-16 09:54:48 . 2009-04-16 09:54:46 0 d-----w C:\Program Files\CCleaner
2009-04-16 09:29:55 . 2009-03-12 20:28:04 0 d-----w C:\Program Files\Common Files\Apple
2009-04-16 08:11:00 . 2008-07-12 10:14:48 589296 ----a-w C:\Windows\System32\perfh01D.dat
2009-04-16 08:11:00 . 2008-07-12 10:14:48 117296 ----a-w C:\Windows\System32\perfc01D.dat
2009-04-16 08:11:00 . 2008-07-12 10:09:51 76390 ----a-w C:\Windows\System32\perfc014.dat
2009-04-16 08:11:00 . 2008-07-12 10:09:51 443832 ----a-w C:\Windows\System32\perfh014.dat
2009-04-16 08:11:00 . 2008-07-12 10:04:59 80612 ----a-w C:\Windows\System32\perfc00B.dat
2009-04-16 08:11:00 . 2008-07-12 10:04:59 427118 ----a-w C:\Windows\System32\perfh00B.dat
2009-04-16 08:11:00 . 2008-07-12 10:00:20 77202 ----a-w C:\Windows\System32\perfc006.dat
2009-04-16 08:11:00 . 2008-07-12 10:00:20 463344 ----a-w C:\Windows\System32\perfh006.dat
2009-04-16 07:21:04 . 2009-03-06 08:32:58 0 d-----w C:\Users\Tina Nissen\AppData\Roaming\EndNote
2009-04-16 06:47:20 . 2009-03-12 21:24:04 0 d-----w C:\ProgramData\Google Updater
2009-03-12 21:25:02 . 2009-01-03 21:47:08 0 d-----w C:\Program Files\Google
2009-03-12 20:30:45 . 2009-03-12 20:30:45 0 d-----w C:\Users\Tina Nissen\AppData\Roaming\Apple Computer
2009-03-12 20:30:36 . 2009-03-12 20:30:21 0 d-----w C:\ProgramData\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-12 20:30:21 . 2009-03-12 20:29:18 0 d-----w C:\ProgramData\Apple Computer
2009-03-12 20:29:53 . 2009-03-12 20:29:53 0 d-----w C:\Program Files\Bonjour
2009-03-12 20:29:40 . 2009-03-12 20:29:18 0 d-----w C:\Program Files\QuickTime
2009-03-12 20:28:56 . 2009-03-12 20:28:55 0 d-----w C:\Program Files\Apple Software Update
2009-03-12 20:28:44 . 2006-11-02 10:25:05 86016 ----a-w C:\Windows\Inf\infstrng.dat
2009-03-12 20:28:44 . 2006-11-02 10:25:05 86016 ----a-w C:\Windows\Inf\infstor.dat
2009-03-12 20:28:44 . 2006-11-02 10:25:05 51200 ----a-w C:\Windows\Inf\infpub.dat
2009-03-12 20:28:03 . 2009-03-12 20:28:03 0 d-----w C:\ProgramData\Apple
2009-03-11 17:29:56 . 2006-11-02 11:18:33 0 d-----w C:\Program Files\Windows Mail
2009-03-06 08:16:21 . 2009-03-06 08:14:46 0 d-----w C:\ProgramData\Thomson.ResearchSoft.Installers
2009-03-06 08:16:20 . 2009-03-06 08:16:20 0 d-----w C:\Users\Tina Nissen\AppData\Roaming\ISI ResearchSoft
2009-03-06 08:16:20 . 2009-03-06 08:16:19 0 d-----w C:\Program Files\Common Files\Risxtd
2009-03-06 08:16:18 . 2009-03-06 08:16:18 0 d-----w C:\ProgramData\ISI ResearchSoft
2009-03-06 08:16:18 . 2009-03-06 08:16:18 0 d-----w C:\Program Files\Common Files\ResearchSoft
2009-03-06 08:16:10 . 2009-03-06 08:15:20 0 d-----w C:\Program Files\Reference Manager 12
2009-03-06 08:12:25 . 2009-03-06 08:12:25 0 d-----w C:\Program Files\Common Files\Wise Installation Wizard
2009-02-25 17:33:53 . 2009-02-25 17:33:53 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-02-20 10:45:12 . 2009-02-20 10:45:12 0 d-----w C:\ProgramData\e-Safekey
2009-02-09 09:20:26 . 2009-02-09 09:20:26 56 ---ha-w C:\Users\All Users\ezsidmv.dat
2009-02-09 09:20:26 . 2009-02-09 09:20:26 56 ---ha-w C:\ProgramData\ezsidmv.dat
2009-02-09 03:10:34 . 2009-03-11 08:13:55 2033152 ----a-w C:\Windows\System32\win32k.sys
2009-01-08 20:41:18 . 2009-01-05 15:45:27 2126 ----a-w C:\Users\Tina Nissen\AppData\Roaming\wklnhst.dat
2009-01-06 08:30:42 . 2009-01-06 08:30:42 68824 ----a-w C:\Users\Tina Nissen\AppData\Roaming\GDIPFONTCACHEV1.DAT
2008-01-21 02:43:21 . 2006-11-02 12:50:50 174 --sha-w C:\Program Files\desktop.ini
2008-07-12 10:16:49 . 2008-07-12 10:16:47 8192 --sha-w C:\Windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 02:23:29 1233920]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 11:55:08 5674352]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-02-26 21:08:32 2289664]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-03 21:47:18 39408]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2009-02-04 11:27:34 23975720]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 02:25:11 125952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 18:05:10 1049896]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2008-06-17 13:39:48 150040]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2008-06-17 13:39:24 170520]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2008-06-17 13:39:36 145944]
"UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 22:55:34 222504]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2008-06-12 05:17:52 468264]
"QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-12 22:10:40 202032]
"HP Health Check Scheduler"="c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 20:42:16 70912]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 23:24:20 54840]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 21:51:00 488752]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 11:25:21 144784]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 21:16:38 39792]
"OrderReminder"="C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe" [2006-01-30 16:00:00 98304]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2009-01-05 15:18:48 413696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp"= l3codecp.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D31C0ED7-B046-41B6-9A1F-F204CCACC791}"= C:\Program Files\HP\QuickPlay\QP.exe:Quick Play
"{03BD8B47-5375-4AE4-ABD4-73C60EF2D061}"= C:\Program Files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{6ABBFF79-FA15-4D05-8C4D-49454DAA3756}"= C:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{E2CDE957-502A-4967-865D-CCADDE48C41C}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{996F67A9-F27D-4EB8-BC6F-F0384832FBD3}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{43D0E1A1-D499-4621-AF2F-DD772E250B6F}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"{C4D9D2A8-9F27-4B58-B953-072EEFBCCD7B}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{A5FBE599-1B96-4A8E-89AB-D9E7CF922DCA}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{5A24062F-2539-4B07-93EB-9F4E86CBA751}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe [2008-01-21 02:23:43 21504]
R2 gupdate1c9a358f7e85da0;Tjenesten Google Update (gupdate1c9a358f7e85da0);C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-12 21:24:36 133104]
R2 Recovery Service for Windows;Recovery Service for Windows;C:\Windows\SMINST\BLService.exe [2008-04-26 08:15:26 361808]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 18:33:26 193840]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys [2008-06-04 17:54:22 113664]
--- Andre Services/Drivers i Hukommelsen ---
*NewlyCreated* - ECACHE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Indhold af mappen 'Planlagte Opgaver'
2009-04-16 C:\Windows\Tasks\Google Software Updater.job
- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-03 21:47:17 . 2009-03-25 08:10:10]
2009-04-16 C:\Windows\Tasks\GoogleUpdateTaskMachine.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-12 21:24:45 . 2009-03-12 21:24:36]
2009-04-16 C:\Windows\Tasks\User_Feed_Synchronization-{D2A451A7-66AA-4600-8EB7-F3F1583BFFD0}.job
- C:\Windows\system32\msfeedssync.exe [2008-01-21 02:24:52 . 2008-01-21 02:24:52]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://dk.yahoo.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=83&bd=Presario&pf=cnnb
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
Trusted Zone: danskebank.dk
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
DPF: {DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305} - hxxp://webc.tinanissen.dk/auth/controls/IlosoftImageUpload.dll
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://logon.sdu.dk/dana-cached/sc/JuniperSetupClient.cab
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-16 18:54:34
Windows 6.0.6001 Service Pack 1 NTFS
scanner skjulte processer ...
scanner skjulte autostarter ...
scanner skjulte filer ...
scanning gennemført med succes
skjulte filer: 0
**************************************************************************
.
Gennemført tid: 2009-04-16 18:56:52
ComboFix-quarantined-files.txt 2009-04-16 16:56:51
Pre-Kørsel: 176.450.801.664 byte ledig
Post-Kørsel: 176.341.049.344 byte ledig
158 --- E O F --- 2009-04-14 06:01:38
_________________________________________________________________
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:03:56, on 16-04-2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dk.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=83&bd=Presario&pf=cnnb
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: *.danskebank.dk
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305} (IlosoftImageUploadCtl Class) - http://webc.tinanissen.dk/auth/controls/IlosoftImageUpload.dll
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://logon.sdu.dk/dana-cached/sc/JuniperSetupClient.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Tjenesten Google Update (gupdate1c9a358f7e85da0) (gupdate1c9a358f7e85da0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 8009 bytes
