min computer brød sammen, men fik dog startet den i reperationstilstand... så nu er jeg her igen med log.. skal siges jeg ikke kan starte computeren i normal tilstand, da den bare viser sort skærm og ikke kommer videre.. ved ikke hvad jeg kan gøre nu - har skannet og kørt ccleaner osv..
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.orgDatabase version: 4466
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 7.0.5730.13
25-08-2010 14:29:10
mbam-log-2010-08-25 (14-29-10).txt
Skanningstype: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 376366
Tid gået: 2 time(e), 32 minut(ter), 56 sekund(er)
Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 19
Registreringsdatabaseværdier Inficeret: 5
Registreringsdatabasedata Objekter Inficeret: 1
Inficerede Mapper: 9
Inficerede Filer: 32
Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)
Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)
Registreringsdatabasenøgler Inficeret:
HKEY_CLASSES_ROOT\CLSID\{1b28b62d-16aa-4a5c-aa40-ad1a6f5080c2} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1b28b62d-16aa-4a5c-aa40-ad1a6f5080c2} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1b28b62d-16aa-4a5c-aa40-ad1a6f5080c2} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ca6704fb-6b46-4058-a797-befd9d378576} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\chkaqpyxhst.chkaqpyxhst (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\chkaqpyxhst.chkaqpyxhst.1.0 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{84c3c236-f588-4c93-84f4-147b2abbe67b} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0bfa252e-7577-4bd7-b7ae-08973c012a0d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0bfa252e-7577-4bd7-b7ae-08973c012a0d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0bfa252e-7577-4bd7-b7ae-08973c012a0d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\209K1I9HN8 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XBV6RD5SZF (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Sky-Banners (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Street-Ads (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\$NtUninstallMTF1011$ (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Sky-Banners (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Street-Ads (Adware.Adrotator) -> Quarantined and deleted successfully.
Registreringsdatabaseværdier Inficeret:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bipro (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ruvviugi (Rogue.SecuritySuite) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ruvviugi (Rogue.SecuritySuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xbv6rd5szf (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Worm.Palevo) -> Delete on reboot.
Registreringsdatabasedata Objekter Inficeret:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
Inficerede Mapper:
C:\Documents and Settings\Kjeld\Application Data\Sky-Banners (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Application Data\Sky-Banners\skb (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Sky-Banners (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Sky-Banners\skb (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Application Data\Street-Ads (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Application Data\Street-Ads\sta (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Street-Ads (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\Street-Ads\sta (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtUninstallMTF1011$ (Adware.Adrotator) -> Quarantined and deleted successfully.
Inficerede Filer:
C:\WINDOWS\$NtUninstallMTF1011$\mmduch.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Lokale indstillinger\Application Data\icllqjosj\lwaflkrshdw.exe (Rogue.SecuritySuite) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\vrddmjb.sys (Rootkit.Bubnix) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\lgwxdotl.exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\nhap.exe (Rogue.SecuritySuite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\st_la819_1930.exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtUninstallMTF1011$\mmx.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Dokumenter\Hentede filer\bjballroom.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Dokumenter\Hentede filer\Setup_LadbrokesCasino.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Dokumenter\Hentede filer\SpinPalace.exe (PUP.Adware.Casino) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Dokumenter\Hentede filer\virtualcity.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Lokale indstillinger\Application Data\mpeoqgohg\aibvvxqshdw.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Lokale indstillinger\Application Data\yqbnqhpjk\aihgsqfshdw.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Lokale indstillinger\Temp\xjhjqiu.exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Lokale indstillinger\Temp\1ec2a9dc.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Lokale indstillinger\Temp\23013.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Lokale indstillinger\Temp\3fd5e340.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Lokale indstillinger\Temp\55E.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Lokale indstillinger\Temp\560.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Lokale indstillinger\Temp\562.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Lokale indstillinger\Temp\80f904fc.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Lokale indstillinger\Temp\st_la819_1930.exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Lokale indstillinger\Temp\sxcfgslr.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Lokale indstillinger\Temp\eqhff.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Lokale indstillinger\Temp\knam.exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtUninstallMTF1011$\apUninstall.exe (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtUninstallMTF1011$\zrpt.xml (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Lokale indstillinger\Temp\Gq0.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kjeld\Application Data\ohydy.exe (Worm.Palevo) -> Delete on reboot.
C:\WINDOWS\system32\Drivers\ntndis.sys (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\ipsecndis.sys (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
og hjijack this:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:22:44, on 27-08-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17080)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\Explorer.exe
D:\Programmer\IEInspector\HTTPAnalyzerFullV5\InjectWinSockServiceV5.exe
C:\Programmer\HTTP Debugger Pro\mfnsvc.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programmer\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Malwarebytes' Anti-Malware\mbam.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\System32\alg.exe
C:\Programmer\Microsoft Security Essentials\MpCmdRun.exe
C:\Programmer\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Kjeld\Dokumenter\Hentede filer\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.facebook.com/ (...)R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.packardbell.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/ (...)R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/ (...)R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/ (...)R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://go.microsoft.com/ (...)R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6522
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: Shell=Explorer.exe
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programmer\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CyberFlash - {5FC650AA-7947-405F-986E-FD894CE69723} - C:\CYBERF~1\Program\CYBERF~1.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmer\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {75B895B3-7025-4F8C-A464-60E66A46C7AA} - c:\windows\system32\diidvdy.dll (file missing)
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IEInspector Browser Helper - {9B43B7B1-BF56-4708-81D2-332D708B0DD9} - D:\Programmer\IEInspector\HTTPAnalyzerFullV5\IEInspectorBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HttpWatch Basic - {F1F69322-008F-4895-B2BF-AD194219825A} - C:\Programmer\HttpWatch\httpwatchsc.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programmer\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Programmer\TextAloud\TAForIE.dll
O4 - HKLM\..\Run: [ISTray] "C:\Programmer\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [SWPROguard] C:\Programmer\Fighters\SPYWAREfighter\SWPROTray.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Programmer\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [MSSE] "C:\Programmer\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmer\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Programmer\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Kjeld\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Programmer\Fælles filer\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Betway Casino - {3063c161-2f7e-4225-ba73-08bc8f64c67e} - C:\Programmer\Betway\Casino\casinogame.exe (file missing)
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programmer\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Betway.com Poker - {4CBB5C71-1BA0-49ca-93CD-159AF8AA0CC9} - C:\Programmer\Betway\Poker\MPPoker.exe (file missing)
O9 - Extra button: CyberFlash - {696bbd5a-950e-445b-b9c9-dfc7b9f3cfc6} - C:\CYBERF~1\Program\CYBERF~1.DLL
O9 - Extra 'Tools' menuitem: CyberFlash - {696bbd5a-950e-445b-b9c9-dfc7b9f3cfc6} - C:\CYBERF~1\Program\CYBERF~1.DLL
O9 - Extra button: IEWatch Professional - {78E5BB46-9A20-402F-BA66-B5634D177D77} - C:\Programmer\IEWatch\IEWatch.dll
O9 - Extra 'Tools' menuitem: IEWatch - {78E5BB46-9A20-402F-BA66-B5634D177D77} - C:\Programmer\IEWatch\IEWatch.dll
O9 - Extra button: IE HTTPAnalyzer V5 - {858CFDE9-D018-453E-80D9-FD4FC3EF631E} - D:\Programmer\IEInspector\HTTPAnalyzerFullV5\IEHTTPAnalyzerV5.dll
O9 - Extra 'Tools' menuitem: IE HTTPAnalyzer V5 - {858CFDE9-D018-453E-80D9-FD4FC3EF631E} - D:\Programmer\IEInspector\HTTPAnalyzerFullV5\IEHTTPAnalyzerV5.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programmer\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programmer\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Microgaming\Poker\ladbrokesMPP\MPPoker.exe (file missing)
O9 - Extra button: HttpWatch Basic - {D103E85B-5D67-42c1-8C83-F01079DBAB26} - C:\Programmer\HttpWatch\httpwatch.dll
O9 - Extra 'Tools' menuitem: HttpWatch Basic - {D103E85B-5D67-42c1-8C83-F01079DBAB26} - C:\Programmer\HttpWatch\httpwatch.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programmer\Fælles filer\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programmer\Fælles filer\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Programmer\Bodog Poker\BPGame.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra button: Spin Palace Casino - BBB4C19B-5A18-4D83-B260-FCA59A04C46A - C:\Microgaming\Casino\SpinPalace\Casinogame.exe (file missing) (HKCU)
O9 - Extra button: Unibet - {00000000-0000-0000-0000-000000000000} - C:\MicroGaming\Poker\unibetpokerMPP\MPPoker.exe (file missing) (HKCU)
O9 - Extra button: InterCasino GBP - {03588886-5C50-4645-BD5D-F105F84417DE} - C:\Documents and Settings\Kjeld\Skrivebord\InterCasino GBP.lnk (HKCU)
O9 - Extra 'Tools' menuitem: InterCasino GBP - {03588886-5C50-4645-BD5D-F105F84417DE} - C:\Documents and Settings\Kjeld\Skrivebord\InterCasino GBP.lnk (HKCU)
O9 - Extra button: Absolute Poker - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Documents and Settings\Kjeld\Menuen Start\Programmer\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Absolute Poker - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Documents and Settings\Kjeld\Menuen Start\Programmer\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O9 - Extra button: Blackjack Ballroom Casino - {34B7C227-B9CA-4DD2-8A9C-FD7E0C7D9616} - C:\Microgaming\Casino\BJBallroom\casinogame.exe (file missing) (HKCU)
O9 - Extra button: VIP Casino - {3B501CBC-D009-4DAB-ADAF-B882F2F0A447} - C:\Documents and Settings\Kjeld\Skrivebord\VIP Casino.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: VIP Casino - {3B501CBC-D009-4DAB-ADAF-B882F2F0A447} - C:\Documents and Settings\Kjeld\Skrivebord\VIP Casino.lnk (file missing) (HKCU)
O9 - Extra button: All Slots Casino - {3BA6346F-1B71-45B9-A6DE-C97C0B19255E} - C:\Microgaming\Casino\AllSlots\casinogame.exe (file missing) (HKCU)
O9 - Extra button: Spin Palace Casino - {43D91B34-30BF-4758-B2B3-B4B7EFE0BF1F} - C:\Microgaming\Casino\SpinPalace\casinogame.exe (file missing) (HKCU)
O9 - Extra button: Virtual City Casino - {489699BD-7B15-4993-88F4-239416A88992} - C:\Microgaming\Casino\VirtualCity\casinogame.exe (file missing) (HKCU)
O9 - Extra button: InterCasino USD - {909AAEB6-C2CB-4AB5-A7BB-C33B72AB4BFB} - C:\Documents and Settings\Kjeld\Skrivebord\InterCasino USD.lnk (HKCU)
O9 - Extra 'Tools' menuitem: InterCasino USD - {909AAEB6-C2CB-4AB5-A7BB-C33B72AB4BFB} - C:\Documents and Settings\Kjeld\Skrivebord\InterCasino USD.lnk (HKCU)
O9 - Extra button: Sportsbook.com - {a0cadf8e-1c3d-4463-89f9-b6db8e1fe580} - C:\Documents and Settings\Kjeld\Menuen Start\Programmer\Sportsbook.com\Sportsbook.com.lnk (file missing) (HKCU)
O9 - Extra button: CarbonPoker - {e4e8c758-34b4-44bb-8ef9-1f0786e81d2d} - C:\Documents and Settings\Kjeld\Menuen Start\Programmer\CarbonPoker\CarbonPoker.lnk (file missing) (HKCU)
O9 - Extra button: All Slots Casino - {EC175276-BA9B-464C-99D3-E05A388B4EE0} - C:\Microgaming\Casino\AllSlots\casinogame.exe (file missing) (HKCU)
O9 - Extra button: 32Red Casino - {F84A9D04-1A2F-4BE4-B6A9-8D8B184A66C6} - C:\Microgaming\Casino\32Red\casinogame.exe (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\programmer\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: c:\programmer\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: c:\programmer\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: c:\programmer\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: c:\programmer\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: c:\programmer\http debugger pro\mfnsp32.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) -
http://upload.facebook.com/ (...)O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/ (...)O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/ (...)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
https://fpdownload.macromedia.com/ (...)O17 - HKLM\System\CCS\Services\Tcpip\..\{6A4678B7-B6B2-4EB7-9A78-EDF770BECE08}: NameServer = 208.67.222.222,208.67.220.222
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\WINDOWS\
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Programmer\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apache2.2 - Apache Software Foundation - D:\xampp\apache\bin\httpd.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HttpAnalyzerV5 CodeHook service (HttpAnalyzerV5 DllInjectService) - Unknown owner - D:\Programmer\IEInspector\HTTPAnalyzerFullV5\InjectWinSockServiceV5.exe
O23 - Service: HTTP Debugger (HTTPDebugger) - MadeForNet.com - C:\Programmer\HTTP Debugger Pro\mfnsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmer\CyberLink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Programmer\WinPcap\rpcapd.exe (file missing)
--
End of file - 15047 bytes
