Logfiler - nogen der vil se dem igennem. Tak! :-)

Jeg har gang i denne tråd, og har via en guide læst mig frem til, at logfilerne for malwarebytes, ComboFix og HijackThis skal herind. Min tråd:
http://www.eksperten.dk/spm/871764

Her kommer filerne:

Malwarebytes:

Malwarebytes' Anti-Malware 1.36
Database version: 2082
Windows 6.0.6001 Service Pack 1

06-05-2009 20:00:35
mbam-log-2009-05-06 (20-00-35).txt

Skan type: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 202559
Tid tilbagelagt: 2 hour(s), 26 minute(s), 1 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)

Combofix:
ComboFix 09-05-05.05 - peter 06-05-2009 22:07.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium  6.0.6001.1.1252.45.1030.18.3070.2068 [GMT 2:00]
Kører fra: d:\downloads\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
FW: ZoneAlarm Firewall *disabled*
.

(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\acovcnt.exe
D:\install.exe

.
(((((((((((((((((((((((((((((  Filer skabt fra 2009-04-06 til 2009-05-06  )))))))))))))))))))))))))))))))))))
.

2009-05-06 15:08 . 2009-05-06 15:08    --------    d-----w    c:\users\peter\AppData\Roaming\Malwarebytes
2009-05-06 15:08 . 2009-04-06 13:32    15504    ----a-w    c:\windows\system32\drivers\mbam.sys
2009-05-06 15:08 . 2009-04-06 13:32    38496    ----a-w    c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-06 15:08 . 2009-05-06 15:08    --------    d-----w    c:\programdata\Malwarebytes
2009-05-05 16:36 . 2009-05-05 16:44    --------    d-----w    c:\users\peter\fdrprojects
2009-05-05 16:36 . 2009-05-05 16:39    --------    d-----w    c:\users\peter\AppData\Roaming\fdrtools.com
2009-05-04 20:06 . 2009-05-04 20:10    --------    d-----w    c:\users\peter\AppData\Local\LaCie
2009-05-01 11:19 . 2009-05-01 12:47    --------    d-----w    c:\users\peter\AppData\Roaming\XnView
2009-04-26 18:10 . 2009-04-26 18:10    --------    d-----w    c:\users\peter\AppData\Roaming\ASUS Security Protect Manager
2009-04-16 19:46 . 2009-04-16 20:06    --------    d-----w    c:\users\peter\AppData\Roaming\PanoramaStudio
2009-04-15 15:20 . 2008-11-27 04:43    268288    ----a-w    c:\windows\system32\schannel.dll
2009-04-15 15:20 . 2009-02-13 08:49    1255936    ----a-w    c:\windows\system32\lsasrv.dll
2009-04-15 15:20 . 2009-02-13 08:49    72704    ----a-w    c:\windows\system32\secur32.dll
2009-04-15 15:20 . 2009-03-17 03:38    13824    ----a-w    c:\windows\system32\apilogen.dll
2009-04-15 15:20 . 2009-03-17 03:38    24064    ----a-w    c:\windows\system32\amxread.dll
2009-04-15 15:20 . 2008-12-06 04:42    376832    ----a-w    c:\windows\system32\winhttp.dll
2009-04-15 15:20 . 2009-02-09 03:10    2033152    ----a-w    c:\windows\system32\win32k.sys
2009-04-15 15:18 . 2009-03-03 04:40    827392    ----a-w    c:\windows\system32\wininet.dll
2009-04-15 15:18 . 2009-03-03 02:28    26624    ----a-w    c:\windows\system32\ieUnatt.exe
2009-04-15 15:18 . 2009-03-03 04:37    78336    ----a-w    c:\windows\system32\ieencode.dll

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-06 19:52 . 2008-04-29 06:07    77202    ----a-w    c:\windows\system32\perfc006.dat
2009-05-06 19:52 . 2008-04-29 06:07    463344    ----a-w    c:\windows\system32\perfh006.dat
2009-05-06 19:46 . 2008-11-17 16:36    350192    ---ha-w    c:\windows\system32\drivers\vsconfig.xml
2009-05-06 19:20 . 2008-04-29 05:18    12    ----a-w    c:\windows\bthservsdp.dat
2009-04-12 08:55 . 2009-01-20 19:26    8393484    ----a-w    c:\windows\Internet Logs\tvDebug.Zip
2009-03-28 20:11 . 2008-11-17 16:37    --------    d-----w    c:\program files\Zone Labs
2009-03-03 04:46 . 2009-04-15 15:19    3599328    ----a-w    c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-15 15:19    3547632    ----a-w    c:\windows\system32\ntoskrnl.exe
2009-03-03 04:39 . 2009-04-15 15:19    183296    ----a-w    c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-15 15:19    551424    ----a-w    c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-15 15:19    26112    ----a-w    c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-15 15:19    98304    ----a-w    c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-15 15:19    54784    ----a-w    c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-15 15:19    44032    ----a-w    c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-15 15:19    666624    ----a-w    c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-15 15:19    17408    ----a-w    c:\windows\system32\iashost.exe
2009-02-19 08:31 . 2009-02-19 08:30    33316392    ----a-w    c:\windows\Internet Logs\vsmon_on_demand_thread_2009_02_18_23_54_45_full.dmp.zip
2009-02-15 23:11 . 2008-11-17 16:36    293528    ----a-w    c:\windows\system32\drivers\vsdatant.sys
2009-02-15 23:10 . 2009-03-28 20:11    1221512    ----a-w    c:\windows\system32\zpeng25.dll
2008-01-21 02:43 . 2006-11-02 12:50    174    --sha-w    c:\program files\desktop.ini
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-10-24 178712]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-07-18 37232]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2008-07-18 33136]
"CognizanceTS"="c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll" [2003-12-21 17920]
"Adobe Photo Downloader"="d:\programmer\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-09-14 61440]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-15 981384]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave1"= serwvdrv.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ      scecli ASWLNPkg

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{B1DF5D04-EE7C-4637-8A7E-506AA68F7917}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{52800EE9-4154-4DD7-8F50-BCD8FCC53B56}"= Disabled:UDP:d:\programmer\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{9A9E8DE0-14B3-49F8-8376-C13682BA0F68}"= Disabled:TCP:d:\programmer\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{5BF3E2D7-9183-4B58-B6C7-03E91440939B}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{8B010F30-34B8-45C3-905D-C73B25AF60BA}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys [23-01-2007 14:07 39080]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [21-01-2008 04:23 21504]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [21-01-2008 04:23 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor;c:\program files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE [18-07-2008 07:09 358936]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\System32\drivers\l160x86.sys [31-10-2007 13:55 46592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs    REG_MULTI_SZ      BthServ
Cognizance    REG_MULTI_SZ      ASBroker ASChannel

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
.
------- Yderligere scanning -------
.
uStart Page = about:blank
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: al-bank.dk
Trusted Zone: bec.dk
Trusted Zone: danid.dk
FF - ProfilePath - c:\users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\wvslj0c5.default\
FF - plugin: d:\programmer\Mozilla Firefox\plugins\np-mswmp.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-06 22:24
Windows 6.0.6001 Service Pack 1 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{2027bebf-2886-47bc-9a0b-8370bf6de0ba}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:11002215
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{43eb1ee3-de1d-4559-9f26-293dcee8ebaf}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:1a001fc6
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{81778e67-edb0-4f05-881c-d13eb6222b9f}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:0a001f3c
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{990a34c7-ec10-4a4c-a413-dfc8013dfcd0}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:15020054
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{9c642153-bfe0-4511-a0b6-e778ddd5ea9e}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:07001422
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{b4c0d8b2-a61f-430e-adc8-1b8f0c3e3ffe}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:0f001e8c
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{ba32a50a-3d27-4fae-8591-5916311409be}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:0c001422
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{da98281d-5cb9-4c95-a9fb-3aac77b805fb}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:12001d60
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f50c0996-5b4a-4c6a-a322-6e991d4caa0e}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:06001422
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f70a361f-6437-4fcc-91a4-cd88d468d91b}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:0e001422
"Dhcpv6State"=dword:00000000
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'winlogon.exe'(936)
c:\windows\system32\APSHook.dll

- - - - - - - > 'lsass.exe'(748)
c:\windows\system32\APSHook.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\ASWLNPkg.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\ItMsg.dll
.
Gennemført tid: 2009-05-06 22:25
ComboFix-quarantined-files.txt  2009-05-06 20:25

Pre-Kørsel: 113.690.505.216 byte ledig
Post-Kørsel: 113.660.895.232 byte ledig

211    --- E O F ---    2009-04-15 15:29

HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:34:52, on 06-05-2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\CF26519.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\Explorer.exe
D:\Programmer\Mozilla Firefox\firefox.exe
D:\Programmer\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Programmer\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: *.al-bank.dk
O15 - Trusted Zone: *.bec.dk
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O20 - AppInit_DLLs: C:\Windows\System32\APSHook.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Programmer\Ad-Aware\aawservice.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - D:\Programmer\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 7101 bytes