Langsom og mister forbindelse med printer.
Langsom computer og den mister forbindelse med netværksprinter.Har kørt Ccleaner, SaS og ComboFix.
Er der nogen der vil se disse log igennem?
;-))
Elsebeth
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 06/10/2008 at 08:27 PM
Application Version : 4.0.1154
Core Rules Database Version : 3478
Trace Rules Database Version: 1469
Scan type : Complete Scan
Total Scan Time : 01:11:52
Memory items scanned : 209
Memory threats detected : 0
Registry items scanned : 6252
Registry threats detected : 0
File items scanned : 32322
File threats detected : 75
Adware.Tracking Cookie
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@indexstats[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@apmebf[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@ad1.emediate[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@burstnet[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@cgi-bin[4].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@ads.dk-kogebogen[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@43425925[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@1070262136[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@hotels-and-discounts[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@dk[4].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@1064398213[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@advertising[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@1071419498[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@fastclick[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@adserver.adservinginternational[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@1063167844[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@ad.ofir[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@adrevolver[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@adopt.specificclick[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@9843591[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@adserver[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@cgi-bin[3].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@1071427968[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@eas4.emediate[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@ads.planetactive[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@1067849426[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@1068803954[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@adopt.euroclick[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@ad.zanox[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@banner.fynskemedier[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@ads.expedia[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@ads.sun[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@banner2.fynskemedier[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@atdmt[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@adserver.banneradministration[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@adfair[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@ads.as4x.tmcs[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@adtech[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@ad.yieldmanager[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@doubleclick[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@eas.apm.emediate[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@media.adrevolver[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@server.iad.liveperson[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@specificclick[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@mbdk[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@travel.hotels-and-discounts[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@media.hotels[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@e2.emediate[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@partner.smartresponse-media[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@en[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@roiservice[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@hitcount[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@ilead.itrack[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@pro-market[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@realmedia[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@tacoda[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@skyscanner[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@stat.onestat[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@stat.visible[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@stat.postdanmark[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@panasonic[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@voipdiscount[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@track.adform[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@track.webgains[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@tracking.fastbooking[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@tribalfusion[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@zedo[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@www.skyscanner[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@www.voipdiscount[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@bravenet[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@stats[2].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@stats[3].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@bfast[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@metatraffic[1].txt
C:\Documents and Settings\Orkiderejser\Cookies\orkiderejser@accounts[2].txt
ComboFix 08-06-09.7 - Orkiderejser 2008-06-10 20:46:16.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1030.18.1784 [GMT 2:00]
Running from: C:\Documents and Settings\Orkiderejser\Skrivebord\Ny mappe (2)\ComboFix.exe
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
----- BITS: Possible infected sites -----
hxxp://ftp.hp.com
.
((((((((((((((((((((((((( Files Created from 2008-05-10 to 2008-06-10 )))))))))))))))))))))))))))))))
.
2008-06-10 18:39 . 2008-06-10 18:39 <DIR> d-------- C:\Programmer\Fælles filer\Wise Installation Wizard
2008-06-10 11:29 . 2008-06-10 11:29 <DIR> d-------- C:\WINDOWS\system32\da-dk
2008-06-10 11:29 . 2008-06-10 11:29 <DIR> d-------- C:\WINDOWS\system32\da
2008-06-10 11:29 . 2008-06-10 11:29 <DIR> d-------- C:\WINDOWS\l2schemas
2008-06-10 10:37 . 2008-04-14 18:05 1,306,624 --------- C:\WINDOWS\system32\msxml6.dll
2008-06-10 10:36 . 2008-04-14 18:05 136,192 --------- C:\WINDOWS\system32\aaclient.dll
2008-06-10 10:36 . 2008-04-14 17:35 8,192 -----c--- C:\WINDOWS\system32\dllcache\asferror.dll
2008-06-09 15:23 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-06-03 21:44 . 2008-06-03 21:44 <DIR> d-------- C:\Programmer\Sun
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-10 18:41 --------- d-----w C:\Programmer\SUPERAntiSpyware
2008-06-10 15:32 --------- d-----w C:\Programmer\DesignPro
2008-06-10 09:51 --------- d-----w C:\Documents and Settings\Orkiderejser\Application Data\Amadeus
2008-06-10 06:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-06-09 18:17 --------- d-----w C:\Programmer\Java
2008-06-09 17:57 --------- d-----w C:\Documents and Settings\Orkiderejser\Application Data\Lavasoft
2008-05-23 07:20 --------- d-----w C:\Programmer\SiteAdvisor
2008-05-20 15:58 --------- d-----w C:\Programmer\SummaSummarum
2008-05-12 08:17 --------- d-----w C:\Documents and Settings\Orkiderejser\Application Data\AdobeUM
2008-04-14 16:20 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 16:09 331,264 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 16:05 998,400 ----a-w C:\WINDOWS\system32\msgina.dll
2008-04-14 16:04 759,296 ----a-w C:\WINDOWS\system32\winntbbu.dll
2008-04-14 16:03 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll
2008-04-14 16:03 6,656 ----a-w C:\WINDOWS\system32\fxsres.dll
2008-04-14 16:03 539,648 ----a-w C:\WINDOWS\system32\comuid.dll
2008-04-14 16:03 3,072 ----a-w C:\WINDOWS\system32\dpnlobby.dll
2008-04-14 16:03 3,072 ----a-w C:\WINDOWS\system32\dpnaddr.dll
2008-04-14 16:03 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
2008-04-14 16:03 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
2008-04-14 15:46 80,256 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-14 15:46 73,344 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-14 15:46 68,096 ----a-w C:\WINDOWS\system32\drivers\pci.sys
2008-04-14 15:46 46,592 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-14 15:46 120,320 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-14 15:45 2,026,496 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-14 15:44 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-14 15:44 2,147,840 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-14 15:43 800,000 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-14 15:43 153,600 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-14 15:42 83,456 ------w C:\WINDOWS\system32\msxml6r.dll
2008-04-14 15:42 77,824 ------w C:\WINDOWS\system32\msshavmsg.dll
2008-04-14 15:42 24,832 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-14 15:41 40,576 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-14 15:41 40,192 ------w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-14 15:41 37,504 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
2008-04-14 15:41 2,953,216 ----a-w C:\WINDOWS\system32\wmploc.dll
2008-04-14 15:40 559,104 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-14 15:40 49,152 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-14 15:39 64,768 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-14 15:39 52,864 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 15:39 178,176 ------w C:\WINDOWS\system32\wmerror.dll
2008-04-14 15:38 9,728 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
2008-04-14 15:38 25,728 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-14 15:38 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-14 15:37 65,536 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-14 15:37 58,112 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-14 15:37 53,504 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-14 15:37 273,152 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-14 15:36 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll
2008-04-14 15:36 44,544 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-14 15:36 39,680 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-14 15:35 8,192 ----a-w C:\WINDOWS\system32\asferror.dll
2008-04-14 15:35 41,600 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-14 15:35 41,216 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-14 15:34 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-14 15:34 23,296 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-14 15:34 188,032 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-14 08:48 20,480 ----a-w C:\WINDOWS\system32\cabSCAToolkitDLLs.dll
2008-04-14 07:06 11,264 ------w C:\WINDOWS\system32\spnpinst.exe
2008-04-14 07:05 995,328 ----a-w C:\WINDOWS\system32\setupapi.dll
2008-04-14 07:05 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 18:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="C:\WINDOWS\System32\NVMCTRAY.DLL" [2003-10-06 14:16 49152]
"Spyware Doctor"="C:\Programmer\Spyware Doctor\swdoctor.exe" [2005-05-26 09:52 1506544]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 18:05 15360]
"swg"="C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-15 15:19 68856]
"SummaAlarm"="C:\Programmer\SummaSummarum\SummaAlarm.exe" [2007-04-09 22:00 530048]
"SUPERAntiSpyware"="C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-06-10 20:41 1506544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Programmer\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-03-11 19:45 774144]
"SoundMAX"="C:\Programmer\Analog Devices\SoundMAX\Smax4.exe" [2003-03-11 19:58 593920]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2003-03-11 20:24 155648]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-03-11 20:11 114688]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-10-06 14:16 5058560]
"nwiz"="nwiz.exe" [2003-10-06 14:16 741376 C:\WINDOWS\system32\nwiz.exe]
"SiteAdvisor"="C:\Programmer\SiteAdvisor\6261\SiteAdv.exe" [2007-01-17 21:24 36904]
"mcagent_exe"="C:\Programmer\McAfee.com\Agent\mcagent.exe" [2007-08-04 02:33 582992]
"HP Software Update"="C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2007-03-11 22:34 49152]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 18:05 15360]
"Ordbogen.com"="C:\Programmer\CoolSystems\ordbogen.com\ordbogen.exe" [2007-10-19 16:58 274432]
C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
Adobe Reader Hurtigstart.lnk - C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]
HP Digital Imaging Monitor.lnk - C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
hpoddt01.exe.lnk - C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-09 18:11:12 28672]
officejet 6100.lnk - C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hposol08.exe [2003-04-09 17:42:06 147456]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"DisableWindowsUpdateAccess"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoAutoUpdate"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoAutoUpdate"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmer\SUPERAntiSpyware\SASSEH.DLL [2008-06-10 20:41 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programmer\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\dllhost.exe"=
"C:\\Programmer\\Fælles filer\\McAfee\\MNA\\McNASvc.exe"=
"C:\\Programmer\\Internet Explorer\\iexplore.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R2 AmadeusProPrinter;AmadeusProPrinter;C:\Programmer\Amadeus\Pro Printer\Mainsrv.exe [2005-10-18 14:20]
R2 HPSLPSVC;HP Network Devices Support;C:\WINDOWS\system32\svchost.exe [2008-04-14 18:06]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
*Newly Created Service* - SASDIFSV
.
Contents of the 'Scheduled Tasks' folder
"2006-01-15 00:21:21 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp officejet 6100 series#1129318845.job"
- C:\Programmer\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe:-I
"2007-05-14 23:14:53 C:\WINDOWS\Tasks\McDefragTask.job"
- c:\programmer\mcafee\mqc\QcConsol.exe'
"2008-01-01 00:02:42 C:\WINDOWS\Tasks\McQcTask.job"
- c:\programmer\mcafee\mqc\QcConsol.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-10 20:52:25
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-06-10 20:55:06
ComboFix-quarantined-files.txt 2008-06-10 18:54:43
ComboFix2.txt 2008-01-18 06:02:39
Pre-Run: 15,027,220,480 byte ledig
Post-Run: 15,021,809,664 byte ledig
216 --- E O F --- 2008-05-16 20:20:45
Logfile of HijackThis v1.99.1
Scan saved at 20:35:33, on 10-06-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Automatic Update\AutoUpdate.exe
C:\Programmer\Amadeus\Pro Printer\Mainsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\programmer\fælles filer\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FLLESF~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Programmer\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\SiteAdvisor\6261\SAService.exe
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\tlntsvr.exe
C:\Programmer\Canon\CAL\CALMAIN.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Automatic Update\AutoUpdateGUI.exe
C:\Programmer\Amadeus\Pro Printer\AmaPrt.exe
C:\Programmer\Amadeus\Pro Printer\ComAdapt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programmer\Analog Devices\SoundMAX\Smax4.exe
C:\Programmer\SiteAdvisor\6261\SiteAdv.exe
C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Programmer\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Spyware Doctor\swdoctor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\SummaSummarum\SummaAlarm.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Documents and Settings\Orkiderejser\Skrivebord\Ny mappe (2)\alternativ.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orkiderejser.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nemdirect.dk
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programmer\Hewlett-Packard\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programmer\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Programmer\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programmer\McAfee\VirusScan\scriptsn.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmer\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\da\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\da\msntb.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Programmer\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmer\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programmer\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Programmer\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Programmer\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Programmer\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SummaAlarm] "C:\Programmer\SummaSummarum\SummaAlarm.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: HP Klipsamling - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programmer\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart markering - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programmer\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.nemdirect.dk
O15 - Trusted Zone: http://*.sca.amadeus.com
O15 - Trusted Zone: http://diagnostic.amadeus.com
O15 - Trusted Zone: http://*.amadeus.com
O15 - Trusted Zone: http://diagnostic.1a.amadeus.net
O15 - Trusted Zone: http://*.amadeuscruise.com
O15 - Trusted Zone: http://*.amadeusferry.com
O15 - Trusted Zone: http://*.amadeusproprinter.com
O15 - Trusted Zone: http://*.amadeusproweb.com
O15 - Trusted Zone: http://*.amadeusproweb.com
O15 - Trusted Zone: http://*.amadeusvista.com
O15 - Trusted Zone: http://*.amadeusvista.com
O15 - Trusted Zone: www.farewise.dk
O15 - Trusted Zone: http://*.worldspan.com
O15 - Trusted Zone: http://*.amadeuscruise.com (HKLM)
O15 - Trusted Zone: http://*.amadeusferry.com (HKLM)
O15 - Trusted Zone: http://*.amadeusproprinter.com (HKLM)
O15 - Trusted Zone: http://*.amadeusproweb.com (HKLM)
O15 - Trusted Zone: http://*.amadeusproweb.com (HKLM)
O15 - Trusted Zone: http://*.amadeusvista.com (HKLM)
O15 - Trusted Zone: http://*.amadeusvista.com (HKLM)
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {03DF0933-6E10-4D32-9835-B9A815622831} (WSSystemInfo Class) - https://gopublic.wspan.com/secure/DLLs/WSSystemInformation.cab
O16 - DPF: {051FE707-9706-11D5-A836-000102A7C938} (Amadeus Automatic Update) - http://certificates.amadeusvista.com/sgwadmin/common/AutoUpdateATL25P231.CAB
O16 - DPF: {06765091-DF2F-462F-96AB-B779C2A9EA8B} (cabPTA_INC_CT.Class1) - http://externt.script.sca.amadeus.com/cabPTA_INC_CT.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1C0963EC-9B08-45A4-BA78-ED122A8E37A4} (cabPNRCheckConfig.Class1) - http://externt.script.sca.amadeus.com/cabPNRCheckConfig.CAB
O16 - DPF: {266BB960-7DA8-11D4-A849-00008321B7D9} (Amadeus Cmd Page Cross Communication) - http://amadeusvista.com/VWP/common/cabs/VistaPWComms.CAB
O16 - DPF: {2E5C2AF3-84BC-46C4-AE86-85FB713F74AB} (cabSCAToolkitDLLs.cabSCAToolkit) - http://externt.script.sca.amadeus.com/cabSCAToolkitDLLs.CAB
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - http://netbank.danskebank.dk/html/activex/DB/Menu.cab
O16 - DPF: {3D518D7D-422F-4787-AC71-10BB552E897B} (Amadeus_SP2_Patcher Class) - http://amadeusvista.com/common/cabs/SP2Patch.CAB
O16 - DPF: {469C92F9-CA8E-4C3E-9AD4-F74EEF097BCA} (Amadeus DS Diagnostic Class) - http://diagnostic.amadeus.com/travelagencies/Cabs/DS_Diagnostic.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,76/mcinsctl.cab
O16 - DPF: {677936D5-E729-4BD0-8084-DA226F0F6AF8} (cabFQP.Class1) - http://externt.script.sca.amadeus.com/cabFQP.CAB
O16 - DPF: {6784DEB6-533F-4306-9CC1-E9DE525E9617} (Project1.cabPTA) - http://externt.script.sca.amadeus.com/cabPTA.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1129357824031
O16 - DPF: {72BDCAC5-56B6-4A45-BCAB-527C52F18847} (cabPNRSearch.Class1) - http://externt.script.sca.amadeus.com/cabPNRSearch.CAB
O16 - DPF: {74690F1B-4B3A-4A50-987F-E3680A43451D} (cabPricingUpdate.Class1) - http://externt.script.sca.amadeus.com/cabPricingUpdate.CAB
O16 - DPF: {7B72C3FC-34B5-4504-B4BE-EB38971A0888} (WSFileIO Class 3) - https://gopublic.wspan.com/Secure/Dlls/WSFileIO3.cab
O16 - DPF: {853E81B1-9377-4685-8D93-376BD3EDF881} (Project1.cabPNRSearch) - http://externt.script.sca.amadeus.com/cabPNRSearch.CAB
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\Documents and Settings\Administrator\Lokale indstillinger\Temp\EI40_\msxml4.cab
O16 - DPF: {9029F38C-86D2-4DE0-A9E4-B93220EB418A} (cabPNRCheck.Class1) - http://externt.script.sca.amadeus.com/cabPNRCheck.CAB
O16 - DPF: {9145A52A-9B22-4858-AEE7-74D6C7D3F366} (BrowserConfig Class) - https://gopublic.wspan.com/Secure/DLLs/WSBrowserConfig.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,16/mcgdmgr.cab
O16 - DPF: {CFEC0ABB-68AA-4AAC-B926-E85A1D5AEA9B} (cabPNRCheckConfig.dummyPNRCC) - http://externt.script.sca.amadeus.com/cabPNRCheckConfig.CAB
O16 - DPF: {D7C51CB6-56F4-42A2-93B8-14DB47C0C0C4} (UpdateControl.FWUpdate) - http://www.farewise.dk/flight_update/UpdateControl.CAB
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {E4389398-8E29-404E-86D6-27ADF2ECE396} (cabPNRCheck.dummyPNRCheck) - http://externt.script.sca.amadeus.com/cabPNRCheck.CAB
O16 - DPF: {E5511576-63F7-4447-A0BF-E08669B1A38F} (cabFQP.dummyFQP) - http://externt.script.sca.amadeus.com/cabFQP.CAB
O16 - DPF: {E90EF4C9-1476-4C49-B926-97C7D9D30A06} (Certificates_Info Class) - http://certificates.amadeusvista.com/certificateinfo/CCCert_Info.CAB
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?323
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Programmer\SiteAdvisor\6261\SiteAdv.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Amadeus Automatic Update - Amadeus - C:\Programmer\Automatic Update\AutoUpdate.exe
O23 - Service: AmadeusProPrinter - Amadeus - C:\Programmer\Amadeus\Pro Printer\Mainsrv.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\programmer\fælles filer\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FLLESF~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Programmer\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Programmer\SiteAdvisor\6261\SAService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe