Langsom opstart og Outlook åbningsbesvær!
HejJeg håber der er nogen der kan hjælpe mig med denne log.
Mvh
Elsebeth
Jeg har fulgt Artikel 1232 og har følgende log:
Malwarebytes' Anti-Malware 1.35
Database version: 1917
Windows 5.1.2600 Service Pack 3
30-03-2009 13:25:39
mbam-log-2009-03-30 (13-25-39).txt
Skan type: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 280913
Tid tilbagelagt: 3 hour(s), 49 minute(s), 21 second(s)
Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0
Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)
Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)
Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)
Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)
Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)
Inficerede Mapper:
(Ingen mistænkelige filer fundet)
Inficerede Filer:
(Ingen mistænkelige filer fundet)
ComboFix 09-03-29.04 - Orkiderejser 2009-03-30 18:27:00.2 - FAT32x86
K°rer fra: c:\documents and settings\Orkiderejser\Skrivebord\Ny mappe (3)\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090330-0] *On-access scanning disabled* (Updated)
.
((((((((((((((((((((((((((((( Filer skabt fra 2009-02-28 til 2009-03-30 )))))))))))))))))))))))))))))))))))
.
2009-03-30 18:10 . 2009-03-29 22:33 <DIR> d-------- C:\32788R22FWJFW
2009-03-30 09:30 . 2009-03-30 09:30 <DIR> d-------- c:\programmer\Malwarebytes' Anti-Malware
2009-03-30 09:30 . 2009-03-30 09:30 <DIR> d-------- c:\documents and settings\Orkiderejser\Application Data\Malwarebytes
2009-03-30 09:30 . 2009-03-26 16:49 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-30 09:30 . 2009-03-26 16:49 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-24 11:13 . 2009-03-24 11:13 <DIR> d-------- c:\programmer\TomTom International B.V
2009-03-24 11:13 . 2009-03-24 11:13 <DIR> d-------- c:\documents and settings\Orkiderejser\Application Data\TomTom
2009-03-24 11:13 . 2009-03-24 11:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\TomTom
2009-03-24 11:12 . 2009-03-24 11:12 <DIR> d-------- c:\programmer\TomTom HOME 2
2009-03-20 13:16 . 2009-03-20 13:16 <DIR> d-------- c:\documents and settings\Orkiderejser\Application Data\Download Manager
2009-03-14 17:23 . 2009-03-14 17:23 <DIR> d--hs---- C:\FOUND.006
2009-03-10 11:41 . 2009-03-10 11:41 <DIR> d-------- c:\windows\usbbin
2009-03-10 11:41 . 2001-10-04 17:07 61,440 --a------ c:\windows\system32\dllcache\acerscad.dll
2009-03-10 11:41 . 2001-10-04 17:07 61,440 --a------ c:\windows\system32\AcerScaD.dll
2009-03-08 06:43 . 2009-03-08 06:43 <DIR> d-------- c:\documents and settings\Orkiderejser\Library
2009-03-08 06:43 . 2009-03-08 06:43 <DIR> d-------- c:\documents and settings\Orkiderejser\Application Data\com.adobe.ExMan
2009-03-04 10:44 . 2009-03-04 10:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\WinZip
2009-02-27 06:01 . 2009-02-27 06:01 <DIR> d--hs---- C:\FOUND.005
2009-02-20 11:14 . 2009-02-20 11:14 <DIR> d-------- c:\documents and settings\Orkiderejser\.oces-virk-brs
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-18 05:37 0 ----a-w c:\documents and settings\Orkiderejser\temp.dat
2009-02-09 13:07 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 13:07 1,846,784 ------w c:\windows\system32\dllcache\win32k.sys
2009-01-16 19:19 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
2008-12-31 15:04 691,560 ----a-w c:\windows\system32\OGACheckControl.dll
2008-12-31 15:04 528,744 ----a-w c:\windows\system32\OGAVerify.exe
2008-12-31 15:04 502,120 ----a-w c:\windows\system32\OGAAddin.dll
2008-12-28 20:00 130 ----a-w c:\documents and settings\Orkiderejser\BackupResult.DAT
2008-12-19 08:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 08:09 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 04:25 634,024 ------w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 04:23 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-12-18 08:39 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-12-11 09:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
2008-12-10 23:33 86,016 ----a-w c:\windows\system32\dpl100.dll
2008-12-10 23:33 200,704 ----a-w c:\windows\system32\dtu100.dll
2008-12-09 01:28 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
2008-12-09 01:28 57,344 ----a-w c:\windows\system32\dpv11.dll
2008-12-09 01:28 344,064 ----a-w c:\windows\system32\dpus11.dll
2008-12-09 01:28 294,912 ----a-w c:\windows\system32\dpu11.dll
2008-12-05 05:57 144,896 ----a-w c:\windows\system32\schannel.dll
2008-12-05 05:57 144,896 ------w c:\windows\system32\dllcache\schannel.dll
2008-06-11 07:28 32,768 --sha-w c:\windows\system32\config\systemprofile\Lokale indstillinger\Oversigt\History.IE5\MSHist012008061120080612\index.dat
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemµrk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SUPERAntiSpyware"="c:\programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-03-23 1830128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"SynTPLpr"="c:\programmer\Synaptics\SynTP\SynTPLpr.exe" [2005-01-07 102491]
"SynTPEnh"="c:\programmer\Synaptics\SynTP\SynTPEnh.exe" [2005-01-07 692315]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-27 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-27 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-27 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-27 455168]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-03-21 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-03-21 126976]
"RemoteControl"="c:\programmer\r\CyberLink\PowerDVD\PDVDServ.exe" [2004-07-15 32768]
"EPM-DM"="c:\acer\epm\epm-dm.exe" [2005-04-21 188416]
"ePowerManagement"="c:\acer\ePM\ePM.exe" [2005-03-15 2893824]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2005-10-14 487424]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 385024]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"SunJavaUpdateSched"="c:\programmer\Java\jre6\bin\jusched.exe" [2008-12-18 136600]
"Acrobat Assistant 7.0"="c:\programmer\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"HP Software Update"="c:\programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2003-12-05 49152]
"AGRSMMSG"="AGRSMMSG.exe" [2005-04-15 c:\windows\AGRSMMSG.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl]
"SoundMan"="SOUNDMAN.EXE" [2004-12-01 c:\windows\soundman.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menuen Start\Programmer\Start\
BTTray.lnk - c:\programmer\WIDCOMM\Bluetooth-software\BTTray.exe [2005-08-16 577597]
Adobe Gamma.lnk - c:\programmer\F‘lles filer\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2007-11-07 25214]
Windows-pc-s›gning.lnk - c:\programmer\Windows Desktop Search\WindowsSearch.exe [2007-02-05 118784]
WinZip Quick Pick.lnk - c:\programmer\WinZip\WZQKPICK.EXE [2009-01-14 525664]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmer\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmer\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 12:05 356352 c:\programmer\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
--a------ 2009-03-18 01:03 251240 c:\programmer\TomTom HOME 2\TomTomHOMERunner.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmer\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmer\\Adobe\\Adobe Dreamweaver CS3\\Dreamweaver.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\xampp\\apache\\bin\\apache.exe"=
"d:\\wi\\WorkingEnvironment\\WorkEnv 3.2\\WorkEnv 3v2.EXE"=
"c:\\xampp\\MercuryMail\\mercury.exe"=
"c:\\Programmer\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmer\\Zattoo\\Zattoo2.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-11 114768]
R1 SASDIFSV;SASDIFSV;c:\programmer\SUPERAntiSpyware\sasdifsv.sys [2009-03-23 9968]
R1 SASKUTIL;SASKUTIL;c:\programmer\SUPERAntiSpyware\SASKUTIL.SYS [2009-03-23 72944]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\apache.exe [2007-12-21 17920]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-04-11 20560]
R2 EpmPsd;Acer EPM Power Scheme Driver;c:\windows\system32\drivers\epm-psd.sys [2007-10-30 4096]
R2 EpmShd;Acer EPM System Hardware Driver;c:\windows\system32\drivers\epm-shd.sys [2007-10-30 78208]
R2 Koders Indexer;Koders Indexer;c:\programmer\Koders\Pro\Tools\XYNTService.exe [2007-09-17 77824]
R2 KodersWebServer;Koders Web Server;c:\programmer\Koders\Pro\WebServer\KodersWebService.exe [2007-11-25 20480]
R2 osaio;osaio;c:\windows\system32\drivers\osaio.sys [2007-10-30 7296]
R2 osanbm;osanbm;c:\windows\system32\drivers\osanbm.sys [2007-10-30 4010]
R2 TomTomHOMEService;TomTomHOMEService;c:\programmer\TomTom HOME 2\TomTomHOMEService.exe [2009-03-18 92008]
R3 SASENUM;SASENUM;c:\programmer\SUPERAntiSpyware\SASENUM.SYS [2009-03-23 7408]
S2 gupdate1c9861c1f915316;Google Update Service (gupdate1c9861c1f915316);c:\programmer\Google\Update\GoogleUpdate.exe [2009-02-03 133104]
S2 XAMPP;XAMPP Service;c:\xampp\service.exe [2007-12-21 60928]
--- Andre Services/Drivers i Hukommelsen ---
*NewlyCreated* - INT15.SYS
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a34bcafd-185b-11de-9369-0013ce994d42}]
\Shell\AutoRun\command - G:\InstallTomTomHOME.exe
.
Indhold af mappen 'Planlagte Opgaver'
2009-03-30 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 17:04]
2009-03-30 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 17:04]
2009-03-30 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2009-02-03 17:25]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.orkiderejser.dk/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
IE: Convert link target to Adobe PDF - c:\programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send til &Bluetooth - c:\programmer\WIDCOMM\Bluetooth-software\btsendto_ie_ctx.htm
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
FF - ProfilePath - c:\documents and settings\Orkiderejser\Application Data\Mozilla\Firefox\Profiles\7xxhpjx5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.orkiderejser.dk/
FF - plugin: c:\programmer\Adobe\Adobe Acrobat 7.0\Acrobat\browser\nppdf32.dll
FF - plugin: c:\programmer\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\programmer\Mozilla Firefox\plugins\npOGAPlugin.dll
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-30 18:29:22
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanner skjulte processer ...
scanner skjulte autostarter ...
scanner skjulte filer ...
scanning gennemf°rt med succes
skjulte filer: 0
**************************************************************************
.
--------------------- L+STE REGISTRERINGS NÏGLER ---------------------
[HKEY_USERS\S-1-5-21-2246624503-617240018-2954653775-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs startet under k°rende Processer ---------------------
- - - - - - - > 'winlogon.exe'(976)
c:\programmer\SUPERAntiSpyware\SASWINLO.dll
c:\documents and settings\Orkiderejser\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
c:\windows\system32\igfxsrvc.dll
c:\windows\system32\hccutils.DLL
.
Gennemf°rt tid: 2009-03-30 18:32:29
ComboFix-quarantined-files.txt 2009-03-30 16:32:28
Pre-K°rsel: 12.691.636.224 byte ledig
Post-K°rsel: 13,365,870,592 byte ledig
WindowsXP-KB310994-SP2-Home-BootDisk-DAN.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
195 --- E O F --- 2009-03-18 11:40:54
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:50, on 2009-03-30
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\xampp\apache\bin\apache.exe
C:\Programmer\Bonjour\mDNSResponder.exe
c:\Programmer\WIDCOMM\Bluetooth-software\bin\btwdins.exe
C:\xampp\filezillaftp\filezillaserver.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Google\Update\GoogleUpdate.exe
C:\Programmer\Koders\Pro\Tools\XYNTService.exe
C:\Programmer\Koders\Pro\WebServer\KodersWebService.exe
C:\Programmer\Koders\Pro\KodeBot\KodeBot.exe
C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
C:\xampp\apache\bin\apache.exe
C:\xampp\mysql\bin\mysqld-nt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmer\Canon\CAL\CALMAIN.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programmer\r\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\AGRSMMSG.exe
C:\acer\epm\epm-dm.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmer\Java\jre6\bin\jusched.exe
C:\Programmer\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\WIDCOMM\Bluetooth-software\BTTray.exe
C:\Programmer\Windows Desktop Search\WindowsSearch.exe
C:\Programmer\WinZip\WZQKPICK.EXE
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Orkiderejser\Skrivebord\Ny mappe (3)\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orkiderejser.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll
O3 - Toolbar: &Accessibility Toolbar - {11352A67-0178-46B1-8855-D50B2F81C054} - C:\Programmer\WAT_DK\Accessibility_Toolbar.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\r\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmer\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = ?
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Windows-pc-søgning.lnk = C:\Programmer\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmer\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Programmer\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send til &Bluetooth - c:\Programmer\WIDCOMM\Bluetooth-software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1193756330703
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\apache.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Programmer\WIDCOMM\Bluetooth-software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\xampp\filezillaftp\filezillaserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c9861c1f915316) (gupdate1c9861c1f915316) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: Koders Indexer - Unknown owner - C:\Programmer\Koders\Pro\Tools\XYNTService.exe
O23 - Service: Koders Web Server (KodersWebServer) - Unknown owner - C:\Programmer\Koders\Pro\WebServer\KodersWebService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld-nt.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Programmer\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\xampp\service.exe
--
End of file - 12209 bytes