SUPERAntiSpyware Scan Log
Generated 07/23/2006 at 02:01 PM
Core Rules Database Version : 3029
Trace Rules Database Version: 1093
Memory threats detected : 0
Registry threats detected : 44
File threats detected : 126
BearShare File Sharing Client
[BearShare] C:\Programmer\BearShare\BearShare.exe
C:\Programmer\BearShare\BearShare.exe
C:\Documents and Settings\All Users\Menuen Start\Programmer\BearShare.lnk
C:\Documents and Settings\dgfg\Skrivebord\BearShare.lnk
C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP106\A0023033.lnk
C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP106\A0023034.lnk
C:\WINDOWS\Prefetch\BEARSHARE.EXE-1F7FB804.pf
Trojan.NewDotNet
HKLM\Software\Classes\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\InprocServer32
HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\InprocServer32#ThreadingModel
HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\ProgID
HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\Programmable
HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\TypeLib
HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\VersionIndependentProgID
C:\Programmer\NewDotNet\newdotnet7_22.dll
HKCR\Tldctl2.URLLink
HKCR\Tldctl2.URLLink\CLSID
HKCR\Tldctl2.URLLink\CurVer
HKCR\Tldctl2.URLLink.1
HKCR\Tldctl2.URLLink.1\CLSID
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#DisplayIcon
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#DisplayVersion
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#Publisher
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#URLInfoAbout
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#HelpLink
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#URLUpdateInfo
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#VersionMajor
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net#VersionMinor
HKU\.DEFAULT\Software\New.net
HKU\S-1-5-21-343818398-1801674531-725345543-1004\Software\New.net
HKU\S-1-5-18\Software\New.net
HKLM\Software\New.net
HKLM\Software\New.net#InstalledVersion
HKLM\Software\New.net#InstalledPath
HKLM\Software\New.net#Tag
HKLM\Software\New.net#DiscardTag
HKLM\Software\New.net#FirstTime
HKLM\Software\New.net#Source
HKLM\Software\New.net#Prt
HKLM\Software\New.net#LSPStatus
HKLM\Software\New.net#NextUpgradeHi
HKLM\Software\New.net#NextUpgradeLo
HKLM\Software\New.net#UpgradeCounter
HKLM\Software\New.net#Search
HKLM\Software\New.net#Activity
HKLM\Software\New.net#XpiDone
C:\Programmer\NewDotNet\readme.html
C:\Programmer\NewDotNet\uninstall6_38.#xe
C:\Programmer\NewDotNet\uninstall7_22.#xe
C:\Programmer\NewDotNet
C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP122\A0025377.exe
C:\WINDOWS\NDNuninstall6_38.#xe
C:\WINDOWS\NDNUNI~2.EXE.#ir
Adware.Tracking Cookie
C:\Documents and Settings\dgfg\Cookies\dgfg@msnportal.112.2o7[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@xxxcounter[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@statse.webtrendslive[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@winfixer[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@media.fastclick[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@www.sexyerotic[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@track.adform[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@interclick[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@www.0stats[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@as1.falkag[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@1070527576[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@ad1.emediate[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@e2.emediate[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@www.sexbanden[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@www.belstat[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@cgi-bin[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@adopt.euroclick[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@cts.metricsdirect[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@counter1.sextracker[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@sextracker[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@tradedoubler[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@counter9.sextracker[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@cassava[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@stat.postdanmark[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@ad.yieldmanager[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@ads.arto[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@ads.beamfile[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@ad.adocean[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@ads2.jubii[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@counter4.sextracker[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@as-eu.falkag[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@atdmt[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@vhost.oddcast[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@clicktorrent[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@adtech[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@www.winfixer[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@hit.stat[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@m1.webstats4u[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@adultfriendfinder[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@ad2.adecn[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@a[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@indextools[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@bannere.fyens[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@888[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@ilead.itrack[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@stats1.reliablestats[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@mb[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@307[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@fixionmedia[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@ads.habbohotel[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@indexstats[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@www.burstnet[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@adecn[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@cs.sexcounter[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@43126847[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@adfair[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@www.webstat[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@www.sexfarmer[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@ads.habbogroup[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@sexlist[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@mediaplex[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@advertising[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@2o7[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@click.cashengines[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@doubleclick[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@fastclick[2].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@www.888[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@data2.perf.overture[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@1069940886[1].txt
C:\Documents and Settings\dgfg\Cookies\dgfg@us01.xmlsearch.findwhat[1].txt
C:\Documents and Settings\Gæst\Cookies\gæst@stats1.reliablestats[1].txt
Trojan.WinAntiSpyware/WinAntiVirus 2006
C:\WINDOWS\system32\stera.job
Adware.Starware
C:\Documents and Settings\All Users\Application Data\Starware\buttons\cursorcafe.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\cursorcafeA.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\FindIt.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\FindItHot.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\findithotxp.png
C:\Documents and Settings\All Users\Application Data\Starware\buttons\finditxp.png
C:\Documents and Settings\All Users\Application Data\Starware\buttons\games.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\gamesA.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\Highlight.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\HighlightHot.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\highlighthotxp.png
C:\Documents and Settings\All Users\Application Data\Starware\buttons\highlightxp.png
C:\Documents and Settings\All Users\Application Data\Starware\buttons\logo.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\logoxp.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\moviesA.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\Reference.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\ReferenceHot.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\referencehotxp.png
C:\Documents and Settings\All Users\Application Data\Starware\buttons\referencexp.png
C:\Documents and Settings\All Users\Application Data\Starware\buttons\screensaver.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\screensaverA.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\Weather.bmp
C:\Documents and Settings\All Users\Application Data\Starware\buttons\weatherhotxp.png
C:\Documents and Settings\All Users\Application Data\Starware\buttons\weatherxp.png
C:\Documents and Settings\All Users\Application Data\Starware\buttons
C:\Documents and Settings\All Users\Application Data\Starware\contexts\error.xml
C:\Documents and Settings\All Users\Application Data\Starware\contexts\related.xml
C:\Documents and Settings\All Users\Application Data\Starware\contexts\travel.xml
C:\Documents and Settings\All Users\Application Data\Starware\contexts
C:\Documents and Settings\All Users\Application Data\Starware\images\walertXP.bmp
C:\Documents and Settings\All Users\Application Data\Starware\images
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\ProductMessagingConfig.xml
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\ProductMessagingConfig.xml.backup
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\SimpleUpdateConfig.xml
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\SimpleUpdateConfig.xml.backup
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\TimerManagerConfig.xml
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\TimerManagerConfig.xml.backup
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate
C:\Documents and Settings\All Users\Application Data\Starware
Adware.Casino Games (Golden Palace Casino)
C:\Programmer\GrandVirtual\Everest Poker\casino.exe
_____________________________________________________________________________________
setup.exe;C:\Documents and Settings\dgfg\Lokale indstillinger\Temp\NI.UWA6PK_0001_N73M1204;Trojan.Fakealert;Deleted.;
cstart-tmp.exe;C:\Programmer\GrandVirtual\Everest Poker;Adware.Casino;Renamed.;
cstart.exe;C:\Programmer\GrandVirtual\Everest Poker;Adware.Casino;Renamed.;
Everest Poker.exe;C:\Programmer\GrandVirtual\Everest Poker;Adware.Casino;Renamed.;
uninstall6_38.exe;C:\Programmer\NewDotNet;Adware.NewDotNet;Renamed.;
uninstall7_22.exe;C:\Programmer\NewDotNet;Adware.NewDotNet;Renamed.;
A0024867.dll;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP118;Adware.Zango;Renamed.;
A0025348.exe;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP121;Adware.Zango;Renamed.;
A0025351.dll;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP121;Adware.Zango;Renamed.;
A0025372.exe;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP122;Adware.Casino;Renamed.;
A0025373.exe;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP122;Adware.Casino;Renamed.;
A0025374.exe;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP122;Adware.Casino;Renamed.;
A0025375.exe;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP122;Adware.NewDotNet;Renamed.;
A0025376.exe;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP122;Adware.NewDotNet;Renamed.;
A0009359.exe;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP59;Adware.Zango;Renamed.;
A0009444.dll;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP59;Adware.Zango;Renamed.;
A0012202.old;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP68;Adware.Casino;Renamed.;
A0016408.exe;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP79;Adware.Casino;Renamed.;
A0016528.exe;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP79;Adware.Casino;Renamed.;
A0016555.exe;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP79;Adware.Casino;Renamed.;
A0016865.exe;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP82;Adware.Casino;Renamed.;
A0017044.exe;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP83;Adware.Casino;Renamed.;
A0017078.exe;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP84;Adware.Casino;Renamed.;
A0017154.dll;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP85;Adware.NewDotNet;Renamed.;
A0017240.exe;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP85;Adware.NewDotNet;Renamed.;
A0017382.exe;C:\System Volume Information\_restore{973552C9-F42B-4288-BBC5-4EB26BE78424}\RP85;Adware.Casino;Renamed.;
NDNuninstall6_38.exe;C:\WINDOWS;Adware.NewDotNet;Renamed.;
____________________________________________________________________________________
Logfile of HijackThis v1.99.1
Scan saved at 14:14:23, on 23-07-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmer\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Programmer\Fælles filer\PCSuite\DataLayer\DataLayer.exe
C:\WINDOWS\system32\Pd7tPan.Exe
C:\WINDOWS\system32\USBPlug.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\FLLESF~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\WinZip\WZQKPICK.EXE
C:\Programmer\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\dgfg\Skrivebord\hijackthis\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://runonce.msn.com/?v=msgrv75R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Programmer\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmer\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Programmer\Fælles filer\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [BearShare] "C:\Programmer\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [Pd7tPan] Pd7tPan.Exe
O4 - HKLM\..\Run: [dscService] C:\WINDOWS\system32\USBPlug.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmer\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cabO16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) -
http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cabO18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe