jeg er også røget i gyngen med security tools og har nu en meget forsinket pc, hvor jeg ikke kan komme af med s.t.
jeg har fulgt dine råd og sidder nu med de to logssom jeg kopiuerer og paster herunder.
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.orgDatabase version: 5262
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
07-12-2010 19:02:34
mbam-log-2010-12-07 (19-02-34).txt
Skanningstype: Fuldstændig skanning (C:\|D:\|E:\|)
Objekter skannet: 307124
Tid gået: 1 time(e), 20 minut(ter), 19 sekund(er)
Hukommelses Processorer Inficeret: 2
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 25
Registreringsdatabaseværdier Inficeret: 15
Registreringsdatabasedata Objekter Inficeret: 1
Inficerede Mapper: 27
Inficerede Filer: 26
Hukommelses Processorer Inficeret:
c:\documents and settings\hanne&henrik\application data\MSA\mscj.exe (Backdoor.Bot) -> 4028 -> Unloaded process successfully.
c:\documents and settings\hanne&henrik\application data\MSA\mscj.exe (Backdoor.Bot) -> 1928 -> Unloaded process successfully.
Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)
Registreringsdatabasenøgler Inficeret:
HKEY_CLASSES_ROOT\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8113B5DE-F7EB-4154-A311-497FB80D8BD0} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8113B5DE-F7EB-4154-A311-497FB80D8BD0} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3C2D2A1E-031F-4397-9614-87C932A848E0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DAED9266-8C28-4C1C-8B58-5C66EFF1D302} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\58FA5318502C61E40BB21991AECB25E5 (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61BEF09E2D118194E96583C90B1516AC (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E5EAD8FA251C5A45A24533A7762DC9E (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9DE13AA5855D8404B8E108518D8A827B (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC59F3451579E1940A4C1D66DF324D81 (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3FBC9A707FA89D43A63227C7E3B0B6D (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E6F73C824F88EB9409FCF5976F4C9C4B (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\multimediaControls.chl (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Zango (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Zango (Adware.180Solutions) -> Quarantined and deleted successfully.
Registreringsdatabaseværdier Inficeret:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mscj.exe (Backdoor.Bot) -> Value: mscj.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mscj (Backdoor.Bot) -> Value: mscj -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\9565335418 (Rogue.Installer) -> Value: 9565335418 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{8113B5DE-F7EB-4154-A311-497FB80D8BD0} (Trojan.Zlob) -> Value: {8113B5DE-F7EB-4154-A311-497FB80D8BD0} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8113B5DE-F7EB-4154-A311-497FB80D8BD0} (Trojan.Zlob) -> Value: {8113B5DE-F7EB-4154-A311-497FB80D8BD0} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> Value: {9034A523-D068-4BE8-A284-9DF278BE776E} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> Value: {9034A523-D068-4BE8-A284-9DF278BE776E} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{8113B5DE-F7EB-4154-A311-497FB80D8BD0} (Trojan.Zlob) -> Value: {8113B5DE-F7EB-4154-A311-497FB80D8BD0} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8113B5DE-F7EB-4154-A311-497FB80D8BD0} (Trojan.Zlob) -> Value: {8113B5DE-F7EB-4154-A311-497FB80D8BD0} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Value: *.securewebinfo.com -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Value: *.safetyincludes.com -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Value: *.securemanaging.com -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\Zango 10.3.37.0 (Adware.Zango) -> Value: Zango 10.3.37.0 -> Quarantined and deleted successfully.
Registreringsdatabasedata Objekter Inficeret:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Inficerede Mapper:
c:\documents and settings\Emil\application data\registrysmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\documents and settings\Emil\application data\registrysmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\application data\registrysmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\application data\registrysmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\application data\registrysmart\registry backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\documents and settings\Emil\application data\Zango (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\Emil\application data\Zango\v3.0 (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\Emil\application data\Zango\v3.0\Zango (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\Emil\application data\Zango\v3.0\Zango\static (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\Emil\application data\Zango\v3.0\Zango\static\1 (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\application data\Zango (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\application data\Zango\v3.0 (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\application data\Zango\v3.0\Zango (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\application data\Zango\v3.0\Zango\static (Adware.Zango) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\application data\Zango\v3.0\Zango\static\1 (Adware.Zango) -> Quarantined and deleted successfully.
c:\programmer\adwarealert (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
c:\programmer\online add-on (Trojan.Zlob) -> Quarantined and deleted successfully.
c:\programmer\registrysmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\programmer\Sotfone (Trojan.Zlob) -> Quarantined and deleted successfully.
c:\programmer\Zango (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programmer\Zango\bin (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programmer\Zango\bin\10.3.37.0 (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programmer\Zango\bin\10.3.37.0\firefox (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programmer\Zango\bin\10.3.37.0\firefox\extensions (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programmer\Zango\bin\10.3.37.0\firefox\extensions\components (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programmer\Zango\bin\10.3.37.0\firefox\extensions\plugins (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\892267 (Trojan.BHO) -> Quarantined and deleted successfully.
Inficerede Filer:
c:\documents and settings\hanne&henrik\application data\MSA\mscj.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\lokale indstillinger\application data\9565335418.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\application data\MSA\781.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\lokale indstillinger\application data\88156256.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\lokale indstillinger\Temp\0.30602193094561825.exe (Trojan.Vilsel) -> Quarantined and deleted successfully.
c:\programmer\Zango\bin\10.3.37.0\Weather.exe (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\programmer\Zango\bin\10.3.37.0\zangosaax.dll (Adware.Zango) -> Quarantined and deleted successfully.
c:\programmer\Zango\bin\10.3.37.0\zangosahook.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fdff6704-b445-46dc-a83c-5857ed410a5e}\RP850\A0138673.exe (Trojan.VB) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\menuen start\programmer\security tool.lnk (Rogue.SecurityTool) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\registrysmart scheduled scan.job (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\documents and settings\Emil\application data\registrysmart\Log\2008 sep 23 - 10_39_22 am_296.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\application data\registrysmart\Log\2008 oct 12 - 09_18_23 pm_843.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\application data\registrysmart\registry backups\2008-04-14_19-19-30.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\documents and settings\hanne&henrik\application data\registrysmart\registry backups\2008-04-14_20-56-22.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\programmer\online add-on\ot.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
c:\programmer\online add-on\ts.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
c:\programmer\registrysmart\DataBase.ref (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\programmer\registrysmart\regcleaner.dll (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\programmer\registrysmart\registrysmart.url (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\programmer\Zango\bin\10.3.37.0\arrow.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programmer\Zango\bin\10.3.37.0\copyright.txt (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programmer\Zango\bin\10.3.37.0\link.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programmer\Zango\bin\10.3.37.0\firefox\extensions\chrome.manifest (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programmer\Zango\bin\10.3.37.0\firefox\extensions\install.rdf (Adware.180Solutions) -> Quarantined and deleted successfully.
c:\programmer\Zango\bin\10.3.37.0\firefox\extensions\components\npclntax.xpt (Adware.180Solutions) -> Quarantined and deleted successfully.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:51:26, on 07-12-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\Programmer\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programmer\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Programmer\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\nipalsm.exe
C:\Programmer\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmer\Canon\MyPrinter\BJMyPrt.exe
C:\Programmer\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\SilverCrest OML807 Driver\MouClient_FD2_9063RL.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Programmer\RayV\RayV\RayV.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Programmer\Windows Media Player\WMPNSCFG.exe
C:\Documents and Settings\Hanne&Henrik\Application Data\MSA\mscj.exe
C:\documents and settings\hanne&henrik\application data\msa\mscj.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Programmer\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Programmer\Outlook Express\msimn.exe
C:\Programmer\Mozilla Firefox\plugin-container.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Uniblue\RegistryBooster\rbmonitor.exe
C:\Programmer\Uniblue\RegistryBooster\registrybooster.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Hanne&Henrik\Skrivebord\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.dk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7C109800-A5D5-438F-9640-18D17E168B88} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O2 - BHO: (no name) - {C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: IE Custom Tools - {8113B5DE-F7EB-4154-A311-497FB80D8BD0} - (no file)
O3 - Toolbar: (no name) - {51D81DD5-55B7-497F-95DB-D356429BB54E} - (no file)
O3 - Toolbar: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programmer\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Programmer\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Programmer\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programmer\Fælles filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Programmer\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Launch SilverCrest OML807] C:\Programmer\SilverCrest OML807 Driver\MouClient_FD2_9063RL.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmer\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [RayV] C:\Programmer\RayV\RayV\RayV.exe /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmer\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [mscj.exe] C:\Documents and Settings\Hanne&Henrik\Application Data\MSA\mscj.exe
O4 - HKCU\..\Run: [mscj] c:\documents and settings\hanne&henrik\application data\msa\mscj.exe
O4 - HKCU\..\RunOnce: [9565335418] "C:\Documents and Settings\Hanne&Henrik\Lokale indstillinger\Application Data\9565335418.exe" 4 27 64C665BE-4DE7-423B-A6B6-BC0172B25DF2
O4 - HKCU\..\RunOnce: [RegistryBooster] "C:\Programmer\Uniblue\RegistryBooster\launcher.exe" -w
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver -
res://C:\WINDOWS\system32\GPhotos.scr/200O8 - Extra context menu item: E&ksporter til Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000O9 - Extra button: FirstClass® - {02011FE3-C22B-451d-9A25-BF4DBB38B8E7} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\fcplugin.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmer\Fælles filer\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) -
file:///C:/Programmer/Mahjong%20Escape%20-%20Ancient%20Japan/Images/stg_drm.ocxO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=48835O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) -
http://kitchenplanner.ikea.com/DK/Core/Player/2020PlayerAX_Win32.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130600261343O16 - DPF: {9C196458-4145-46AF-8A77-1506878DFECA} (FirstClass® Control) -
ftp://ftp.sektornet.dk/sektornet/skolekom/fcplugin.cabO16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) -
file:///C:/Programmer/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocxO16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} -
https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exeO17 - HKLM\System\CCS\Services\Tcpip\..\{D2219074-D47C-4454-A032-1C5B70DCB933}: NameServer = 208.67.223.233,208.67.220.220
O18 - Protocol: fcp - {B3133379-8789-4D3C-9593-C205D7297501} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\fcplugin.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour tjeneste (Bonjour Service) - Apple Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programmer\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programmer\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programmer\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
O23 - Service: nipxirmu - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmer\CyberLink\Shared Files\RichVideo.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
--
End of file - 12202 bytes
Hvad gør jeg så herefter?
Mange hilsner
aarde
