hijackthis-log

Umiddelbar er loggen 'ren' for snavs. Dog lidt oprydning kunne måske være nyttigt...

Oplever du andre problemer ?

... Nu er det ikke alle (u)ønskede elementer som viser sig med en HiJackThis Log; hvis du har 'mod' på det så gennemfør proceduren herfra -> http://www.eksperten.dk/artikler/1123

Ja, mit IE er begyndt ikke at ville starte op... Det er en af grundene til at jeg er urolig...

Hent Dial-a-fix på dette link, og gem det på skrivebordet.

Direkte link
http://djlizard.net/software/Dial-a-fix-v0.60.0.24.zip

Brug kun nr. to link, hvis det første ikke virker.

Du får da lige et andet link hvis det ikke lykkedes med det første:
http://djlizard.net/Dial-a-fix-2006-09-19.exe

Sæt flueben i følgende, og klik herefter på "GO". Genstart og check om det har hjulpet:
IE

Det hjalp ikke...
Det er som om IE-vinduet lige kommer op, men så efter et split-sekund forsvinder igen...

Hent denne fil og pak den ud til skrivebordet:
http://www.fbeej.ctrlaltdel.dk/Programmer/iereg.zip
Dobbeltklik på IEReg.bat - når den er færdig, genstart PC og se om det giver noget ?

Det hjalp heller ikke...

http://www.eksperten.dk/artikler/1123 !!!

Jeg har prøvet alle de programmer der er i den artikel, med undtagelse af SuperSpywwareSweeper, og den er jeg i gang med at køre... Ind til videre uden resultat...

Sorry... Jeg mente selvfølgelig SuperAntiSpyware...

... bare kom med de Logs du kan ...

Her er de logs:

http://www.handberg-net.dk/combofix.txt
http://www.handberg-net.dk/hijackthis.log
http://www.handberg-net.dk/rootlog.txt

ComboFix 08-02-22.2 - Killer_R 2008-03-01 17:31:21.2 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1030.18.174 [GMT 1:00]
Running from: C:\Documents and Settings\Killer_R\Skrivebord\IEFix\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

(((((((((((((((((((((((((  Files Created from 2008-02-01 to 2008-03-01  )))))))))))))))))))))))))))))))
.

2008-03-01 13:38 . 2008-03-01 13:38    <DIR>    d--------    C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-02-26 18:33 . 2008-02-27 15:55    <DIR>    d--------    C:\Documents and Settings\Killer_R\workspace
2008-02-26 18:27 . 2008-02-27 15:50    <DIR>    d--------    C:\Programmer\Photran
2008-02-26 17:12 . 2008-02-26 17:30    <DIR>    d--------    C:\Programmer\Cygwin
2008-02-25 21:33 . 2008-02-25 21:34    <DIR>    d--------    C:\Programmer\OpenOffice.org 2.3
2008-02-25 20:38 . 2008-02-25 20:38    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-02-25 20:36 . 2008-03-01 13:38    <DIR>    d--------    C:\Programmer\SUPERAntiSpyware
2008-02-25 20:36 . 2008-02-25 20:36    <DIR>    d--------    C:\Documents and Settings\Killer_R\Application Data\SUPERAntiSpyware.com
2008-02-25 20:05 . 2008-02-29 18:23    54,156    --ah-----    C:\WINDOWS\QTFont.qfn
2008-02-25 20:05 . 2008-02-25 20:05    1,409    --a------    C:\WINDOWS\QTFont.for
2008-02-22 10:50 . 2008-02-22 10:50    <DIR>    d--------    C:\Documents and Settings\Killer_R\Application Data\Subversion
2008-02-22 10:45 . 2008-02-26 17:15    <DIR>    d--------    C:\Programmer\TortoiseSVN
2008-02-21 16:09 . 2008-02-21 16:09    1,142,784    --a------    C:\WINDOWS\TMUPDATE.DLL
2008-02-21 16:09 . 2008-02-21 16:09    208,896    --a------    C:\WINDOWS\PATCH.EXE
2008-02-21 16:09 . 2008-02-21 16:09    69,689    --a------    C:\WINDOWS\UNZIP.DLL
2008-02-21 03:07 . 2007-08-01 22:47    102,664    --a------    C:\WINDOWS\system32\drivers\tmcomm.sys
2008-02-20 22:59 . 2008-02-21 20:04    <DIR>    d--------    C:\Documents and Settings\Killer_R\.housecall6.6
2008-02-17 00:22 . 2008-02-17 00:18    691,545    --a------    C:\WINDOWS\unins000.exe
2008-02-17 00:22 . 2008-02-17 00:22    3,450    --a------    C:\WINDOWS\unins000.dat
2008-02-16 23:21 . 2008-02-25 23:25    <DIR>    d--------    C:\Programmer\LEd
2008-02-10 13:39 . 2008-02-10 13:39    <DIR>    d--------    C:\Programmer\GSView
2008-02-10 13:37 . 2008-02-10 13:38    <DIR>    d--------    C:\Programmer\GhostScript
2008-02-09 19:25 . 2008-02-09 19:25    <DIR>    d--h-----    C:\WINDOWS\PIF
2008-02-09 12:40 . 2008-02-09 12:40    <DIR>    d--------    C:\Programmer\PUndu1

.
((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-01 12:25    ---------    d-----w    C:\Programmer\Mozilla Thunderbird
2008-02-29 15:24    ---------    d-----w    C:\Programmer\VPN Client
2008-02-27 19:44    ---------    d-----w    C:\Programmer\SpywareBlaster
2008-02-27 14:42    ---------    d-----w    C:\Programmer\Notepad++
2008-02-27 14:42    ---------    d-----w    C:\Documents and Settings\Killer_R\Application Data\Notepad++
2008-02-26 17:27    ---------    d-----w    C:\Programmer\PowerArchiver
2008-02-26 16:03    ---------    d-----w    C:\Programmer\Emacs
2008-02-25 20:50    ---------    d-----w    C:\Documents and Settings\Killer_R\Application Data\OpenOffice.org2
2008-02-25 20:26    ---------    d-----w    C:\Programmer\OpenOffice.org 2.2
2008-02-25 19:42    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-25 19:33    ---------    d-----w    C:\Programmer\Fælles filer\Wise Installation Wizard
2008-02-23 11:20    ---------    d-----w    C:\Programmer\TSW WebCoder 2005
2008-02-22 20:55    ---------    d-----w    C:\Documents and Settings\Killer_R\Application Data\Azureus
2008-02-21 19:53    ---------    d-----w    C:\Programmer\Avast Antivirus 4
2008-02-21 19:53    ---------    d-----w    C:\Programmer\Ad-Aware 2007
2008-02-21 19:52    ---------    d-----w    C:\Programmer\Spybot - Search & Destroy
2008-02-21 19:52    ---------    d-----w    C:\Programmer\SmartFTP
2008-02-21 19:52    ---------    d-----w    C:\Programmer\FolderSize
2008-02-21 19:51    ---------    d-----w    C:\Programmer\Acronis True Image Home
2008-02-21 19:50    ---------    d-----w    C:\Programmer\Microsoft IntelliPoint
2008-02-21 19:50    ---------    d-----w    C:\Programmer\Lexmark X1100 Series
2008-02-21 19:49    ---------    d-----w    C:\Programmer\Messenger Plus! Live
2008-02-19 21:39    ---------    d-----w    C:\Programmer\Fælles filer\ACD Systems
2008-02-16 15:10    ---------    d--h--w    C:\Programmer\InstallShield Installation Information
2008-02-09 12:11    ---------    d-----w    C:\Programmer\Aspell
2008-02-09 09:53    ---------    d-----w    C:\Programmer\Adobe Reader 8.0
2008-02-09 09:51    ---------    d-----w    C:\Programmer\Fælles filer\Adobe
2008-02-09 09:36    ---------    d-----w    C:\Programmer\QuickTime
2008-02-06 08:55    194    ----a-w    C:\install_lpr.bat
2008-02-02 23:21    ---------    d-----w    C:\Programmer\WinAgile
2008-01-28 21:54    ---------    d-----w    C:\Programmer\Trend Micro
2008-01-28 19:33    ---------    d-----w    C:\Documents and Settings\Killer_R\Application Data\InfraRecorder
2008-01-26 11:41    ---------    d-----w    C:\Programmer\CountDown
2008-01-24 22:11    ---------    d-----w    C:\Documents and Settings\Killer_R\Application Data\xm1
2008-01-21 19:49    299,008    ------w    C:\WINDOWS\Setup1.exe
2008-01-20 15:13    ---------    d-----w    C:\Programmer\Morgan mmswitch
2008-01-18 16:57    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-18 12:30    ---------    d-----w    C:\Programmer\WinAmp
2008-01-15 18:42    ---------    d-----w    C:\Documents and Settings\Killer_R\Application Data\.idlwave
2008-01-13 14:55    ---------    d-----w    C:\Documents and Settings\Killer_R\Application Data\ACD Systems
2008-01-13 14:50    ---------    d-----w    C:\Programmer\Slideshow XP
2008-01-13 14:41    73,216    ------w    C:\WINDOWS\ST6UNST.EXE
2008-01-12 21:39    ---------    d-----w    C:\Programmer\StarNet
2008-01-12 21:38    54    ----a-w    C:\install.bat
2008-01-10 18:29    ---------    d-----w    C:\Documents and Settings\Killer_R\Application Data\Hyperionics
2007-12-11 18:27    69,328    -c--a-w    C:\Documents and Settings\Killer_R\Application Data\GDIPFONTCACHEV1.DAT
.

(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Programmer\Windows Live\Messenger\MsnMsgr.exe" [2007-12-11 19:45 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-26 16:53 15360]
"SUPERAntiSpyware"="C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-04-23 15:46 1318128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MaxtorOneTouch"="C:\PROGRA~1\MAXTOR~1\Utils\OneTouch.exe" [2003-05-21 14:30 45056]
"MXO Auto Loader"="C:\WINDOWS\MXOALDR.EXE" [2003-04-07 17:09 118784]
"CARPService"="carpserv.exe" [2003-05-21 14:35 4608 C:\WINDOWS\system32\carpserv.exe]
"Display Settings"="C:\Programmer\HPQ\Notebook Utilities\hptasks.exe" [2002-08-15 05:26 45056]
"QT4HPOT"="C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE" [2002-10-14 18:57 98304]
"Lexmark X1100 Series"="C:\Programmer\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 15:38 57344]
"IntelliPoint"="C:\Programmer\Microsoft IntelliPoint\point32.exe" [2005-06-10 10:21 217088]
"NeroFilterCheck"="C:\Programmer\Fælles filer\Ahead\Lib\NeroCheck.exe" [ ]
"SynTPLpr"="C:\Programmer\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 18:40 98394]
"SynTPEnh"="C:\Programmer\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 18:38 688218]
"TrueImageMonitor.exe"="C:\Programmer\Acronis True Image Home\TrueImageMonitor.exe" [2007-02-16 18:45 1169776]
"AcronisTimounterMonitor"="C:\Programmer\Acronis True Image Home\TimounterMonitor.exe" [2007-02-16 18:57 1945960]
"Acronis Scheduler2 Service"="C:\Programmer\Fælles filer\Acronis\Schedule2\schedhlp.exe" [ ]
"avast!"="C:\PROGRA~1\AVASTA~1\ashDisp.exe" [2007-12-04 14:00 79224]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"Adobe Reader Speed Launcher"="C:\Programmer\Adobe Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-26 16:53 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmer\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programmer\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Programmer\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages    REG_MULTI_SZ      msv1_0 relog_ap

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="C:\Programmer\QuickTime\QTTask.exe" -atboottime

R2 cvintdrv;cvintdrv;C:\WINDOWS\system32\drivers\cvintdrv.sys [2003-07-29 09:00]
R3 ALiIRDA;ALi infrarød enhedsdriver;C:\WINDOWS\system32\DRIVERS\alifir.sys [2001-08-17 21:49]
R3 CALIAUD;Conexant AMC 3D Environmental Audio;C:\WINDOWS\system32\drivers\caliaud.sys [2004-02-17 17:58]
R3 CALIHALA;CALIHALA;C:\WINDOWS\system32\drivers\calihal.sys [2004-02-17 17:59]
R3 DP83815;National Semiconductor Corp. DP83815/816 NDIS 5.0 Miniport Driver;C:\WINDOWS\system32\DRIVERS\DP83815.SYS [2004-05-04 14:24]
S3 FA312;Driver til NETGEAR FA330/FA312/FA311 Fast Ethernet-netværkskort;C:\WINDOWS\system32\DRIVERS\FA312nd5.sys [2001-08-17 20:12]
S3 LEX_NIC_SERVICE;IEEE 802.11 Wireless NIC Win2000 Driver;C:\WINDOWS\system32\DRIVERS\Express.sys [2002-01-18 11:00]
S3 TMPassthruMP;TMPassthruMP;C:\WINDOWS\system32\DRIVERS\TMPassthru.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13b3b0b0-428a-11dc-baeb-00028a929e07}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a

.
Contents of the 'Scheduled Tasks' folder
"2008-02-09 09:12:39 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmer\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-01 17:49:26
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Programmer\Ad-Aware 2007\aawservice.exe
C:\Programmer\Avast Antivirus 4\aswUpdSv.exe
C:\Programmer\Avast Antivirus 4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Programmer\Fælles filer\Acronis\Schedule2\schedul2.exe
C:\Programmer\VPN Client\cvpnd.exe
C:\Programmer\FolderSize\FolderSizeSvc.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Programmer\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe
C:\Programmer\Avast Antivirus 4\ashMaiSv.exe
C:\Programmer\Avast Antivirus 4\ashWebSv.exe
C:\Programmer\Lexmark X1100 Series\lxbkbmon.exe
.
**************************************************************************
.
Completion time: 2008-03-01 18:02:00 - machine was rebooted
ComboFix2.txt  2008-02-22 09:33:10
.
2008-02-14 19:13:50    --- E O F --- 


********************************* ROOTCHK-(28-12-07)-LOG, by ejvindh
01-03-2008 17:27:34,71

NOTICE!! Rootchk is not being updated anymore, and is thus gradually getting outdated.
Last update was made 28-12-07

The rootkits that are detected by this tool were not found.

********************************* ROOTCHK-LOG-end


catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-01 17:27:37
Windows 5.1.2600 Service Pack 2
scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

hidden processes: 0
hidden services: 0
hidden files: 0

PS: Kan ikke åbne http://www.handberg-net.dk/hijackthis.log

------------------------

Jeg ka' generelt ikke li' denne
"Messenger Plus! Live"
Please afinstaler den!!!

------------------------
Du tilsyneladende har / har haft gang i P2P programmer ->
"Azureus"
Please afinstaler den!!!

------------------------

Registreringsdatabase oprydning kan anbefales ->
RegCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm (Specielt punktet [Register]...)
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller NEJ til den.

------------------------

Denne her skulle virke:
http://www.handberg-net.dk/hijackthis.txt

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:23:21, on 01-03-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Ad-Aware 2007\aawservice.exe
C:\Programmer\Avast Antivirus 4\aswUpdSv.exe
C:\Programmer\Avast Antivirus 4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Programmer\Fælles filer\Acronis\Schedule2\schedul2.exe
C:\Programmer\VPN Client\cvpnd.exe
C:\Programmer\FolderSize\FolderSizeSvc.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Programmer\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MAXTOR~1\Utils\OneTouch.exe
C:\WINDOWS\MXOALDR.EXE
C:\WINDOWS\system32\carpserv.exe
C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
C:\Programmer\Lexmark X1100 Series\lxbkbmgr.exe
C:\Programmer\Microsoft IntelliPoint\point32.exe
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Programmer\Lexmark X1100 Series\lxbkbmon.exe
C:\Programmer\Acronis True Image Home\TrueImageMonitor.exe
C:\Programmer\Acronis True Image Home\TimounterMonitor.exe
C:\Programmer\Fælles filer\Acronis\Schedule2\schedhlp.exe
C:\PROGRA~1\AVASTA~1\ashDisp.exe
C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Avast Antivirus 4\ashMaiSv.exe
C:\Programmer\Avast Antivirus 4\ashWebSv.exe
C:\Documents and Settings\Killer_R\Skrivebord\hjt_202.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.handberg-net.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\MAXTOR~1\Utils\OneTouch.exe
O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [Display Settings] C:\Programmer\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programmer\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programmer\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmer\Fælles filer\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Programmer\Acronis True Image Home\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Programmer\Acronis True Image Home\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programmer\Fælles filer\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\AVASTA~1\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Programmer\VPN Client\vpngui.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - http://www.windowsvistatestdrive.com/ActiveX/VMRCActiveXClient1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://gis.aakv.dk/viewer/mgaxctrl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161415885168
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) -
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programmer\Ad-Aware 2007\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmer\Fælles filer\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmer\Avast Antivirus 4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmer\Avast Antivirus 4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmer\Avast Antivirus 4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmer\Avast Antivirus 4\ashWebSv.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programmer\VPN Client\cvpnd.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Programmer\FolderSize\FolderSizeSvc.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Programmer\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Programmer\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Programmer\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe

--
End of file - 9242 bytes

Din log er 'ren' - du _kan_ disable følgende ved:

Start => Kør
Skriv: msconfig
Tryk OK
Vælg fanebladet Fanebladet Startup
Disse skal du fjerne fluebenet fra:

NeroFilterCheck
SunJavaUpdateSched
Adobe Reader Speed Launcher
ctfmon.exe

Når du næste gang genstarter, du får en advarsel om, at start er lavet om. Sig ok til det, og fjern flueben i vis denne advarsel. Er du i tvivl om hvad du skal gøre, så kig her:
http://www.spywareinfo.dk/#/tip-og-tricks/msconfig.htm