chrome virker ikke, internet explorer viser fejlmeddelse og den starter op 3 ud af 4 gange uden ikoner og taskbar
  GunnerG
Antal indlæg: 62

Hej

Jeg håber I kan hjælpe, for nu er den da helt gal smile

For en lille månede siden begyndte jeg at bruge www. ,?gametap.com, nogen af spillene fik mit virus program (Avira) til at poppe op, men i følge gametap og brugerne skulle det bare være en fejl.
For 2 uger siden holdte Chrome så op med at virke, nu vil den kun vise “Øv, siden kunne ikke loades” - jeg har prøvet at skifte bruger og afinstaller/installer men lige lidt hjælper det.
Jeg tænkte at min computer var på vej på losepladsen og jeg heller måtte redde det jeg gerne ville gemme, så jeg flyttede en del over på ny indkøbt ekstren harddisk. Derefter slettede jeg lidt og ændre størrelsen på hvor meget plads der skulle reserveres til “system restore”.
Jeg ved ikke om det har noget med mine problemer at gøre, men siden da er computeren begyndt at gå ned med blå skærm “IRQL_NOT_LESS_OR_EQUAL:”

I går og i dag er den så startet op uden ikoner på skrivebordet og taskbar, jeg kan dog godt komme ind i task manager og kan se explorer kører. Har prøvet at stoppe og starte det, men det hjælper ikke.
Efter et par genstart, bliver alt dog “normalt”.

Jeg har kørt Avast og Spyware Termiantor samt opdateret xp pro.
Håber jeg har husket det hele og at I kan hjælpe.
Vh Gunnera

Link ændret af f-arn

Administrator
Antal indlæg: 8531

Hej smile

Hent “Malwarebytes’ Anti-Malware” her: http://www.malwarebytes.org/mbam.php

Eller her ->
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?tag=mncol;pop&cdlPid=10878968

Installer og start programmet, klik på fanen opdater, klik Tjek for opdatering, lav “Hurtig skan” under fanebladet “skanner”
Bagefter klik på “vis resultater”, tryk på “Fjern det valgte” og send loggen herind sammen med en log fra Hijackthis som du finder her:

http://go.trendmicro.com/free-tools/hijackthis/HiJackThis.exe
Kør HijackThis, klik på “Do a systemscan scan and save a logfile”  kopier loggens tekst og send den herind.

Bemærk Hijackthis skal gemmes på computeren og ikke køres fra nettet

Mht.: Vista og Windows 7 - højreklik på filen - Kør som Administrator.

NB Når du opdaterer Malwarebytes, så klik på Tjek for opdatering til den skriver at der ikke er flere opdateringer.

Signatur

Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !

  GunnerG
Antal indlæg: 62

Tak for hjælpen…

Efter at have køre Malware skal jeg genstarte for at færdiggøre processen, mens windows lukkes får jeg fejlmeddelsen at malware har lavet en fejl og skal lukkes. Computeren starter op uden ikoner, derefter to gange med blåskærm så snart jeg trykker på noget. Men nu virker den lidt igen.

Her er log’sne tror dog ikke malware blev helt færdig

Malwarebytes’ Anti-Malware 1.46
http://www.malwarebytes.org

Database version: 4433

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

15-08-2010 19:47:39
mbam-log-2010-08-15 (19-47-39).txt

Scan type: Quick scan
Objects scanned: 206884
Time elapsed: 44 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\Torbjørn\Start Menu\Programs\malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Torbjørn\Start Menu\Programs\malware Defense\Malware Defense Support.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
C:\Documents and Settings\Torbjørn\Start Menu\Programs\malware Defense\Malware Defense.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
C:\Documents and Settings\Torbjørn\Start Menu\Programs\malware Defense\Uninstall Malware Defense.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\sysReserve.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\H8SRTwuudafllic.dat (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\krl32mainweq.dll (Trojan.DNSChanger) -> Quarantined and deleted successfully.

 

Her er Hijack - jeg kunne dog ikke bruge linket, men fandt programmet gennem trendmicro hjemmeside. Derudover opstod der to fejl under scanningen.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:19:04, on 15-08-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\hijack\Trend Micro\HiJackThis\HiJackThis.exe
C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KTPWare] C:\Program Files\Elantech\ktp.exe
O4 - HKLM\..\Run: [IntelWireless] “C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe” /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [IntelliPoint] “c:\Program Files\Microsoft IntelliPoint\ipoint.exe”
O4 - HKLM\..\Run: [EOUApp] “C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe”
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: [Adobe ARM] “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NVIDIA nTune] “C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe” clear
O4 - HKCU\..\Run: [swg] “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU\..\Run: [Google Update] “C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -update activex (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -update activex (User ‘Default user’)
O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe
O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: FirstClass® - {02011FE3-C22B-451d-9A25-BF4DBB38B8E7} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\games\poker\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra ‘Tools’ menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\games\poker\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\games\poker\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra ‘Tools’ menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\games\poker\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra ‘Tools’ menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Device Detection) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0835BC90-6ABC-4F52-A103-4FC3A61F2C33} (A18X Control) - http://www.albatross18.com/season2/cabs/A18X.ocx
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} (SkillGam Control) - http://www.worldwinner.com/games/v47/skillgam/skillgam.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} (StreamPlug Class) - http://www.streamplug.com/StreamPlug/SP.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab
O16 - DPF: {4AB16005-E995-4A60-89DE-8B8A3E6EB5B0} (TrivialPursuit Control) - http://www.worldwinner.com/games/v56/trivialpursuit/trivialpursuit.cab
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} (GameTap Player) - http://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179151264062
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1181232373484
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.18.0.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} (WorldWinner ActiveX Launcher Control) - http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab
O16 - DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} (BejeweledTwist Control) - http://www.worldwinner.com/games/v51/bejeweledtwist/bejeweledtwist.cab
O16 - DPF: {9C196458-4145-46AF-8A77-1506878DFECA} (FirstClass® Control) - ftp://ftp.sektornet.dk/sektornet/skolekom/fcplugin.cab
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) -
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin9.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.skolenvedsoerne.dk/Li/_includes/XUpload.ocx
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://netbank.danskebank.dk/html/activex/danskesikker/DB/DanskeSikker.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://bellerock.microgaming.com/freeplay/FlashAX2.cab
O18 - Protocol: fcp - {B3133379-8789-4D3C-9593-C205D7297501} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe


End of file - 14975 bytes

Administrator
Antal indlæg: 8531

Hent DDS.

Den laver to logs,(DDS.txt og Attach.txt) gem dem på skrivebordet og kopier indholdet af DDS.txt og Attach.txt herind.

OBS - DDS skal gemmes på computeren og ikke køres fra nettet

Mht.: Vista og Windows 7 - Højreklik på filen - Kør som Administrator.

Signatur

Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !

  GunnerG
Antal indlæg: 62

DDS (Ver_10-03-17.01) - NTFSx86
Run by Torbj›rn at 21:25:33,82 on 15-08-2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.45.1033.18.1022.482 [GMT 2:00]

AV: avast! Antivirus *On-access scanning disabled* (Updated)  {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

svchost.exe 4
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
svchost.exe 4
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\dwwin.exe
C:\Documents and Settings\Torbjørn\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.dk/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
mWinlogon: UIHost=%SystemRoot%\system32\logonui.exe
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No File
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [NVIDIA nTune] “c:\program files\nvidia corporation\ntune\nTuneCmd.exe” clear
uRun: [swg] “c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe”
uRun: [Google Update] “c:\documents and settings\torbjørn\local settings\application data\google\update\GoogleUpdate.exe” /c
mRun: [nwiz] nwiz.exe /install
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [KTPWare] c:\program files\elantech\ktp.exe
mRun: [IntelWireless] “c:\program files\intel\wireless\bin\ifrmewrk.exe” /tf Intel PROSet/Wireless
mRun: [IntelliPoint] “c:\program files\microsoft intellipoint\ipoint.exe”
mRun: [EOUApp] “c:\program files\intel\wireless\bin\EOUWiz.exe”
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Adobe Reader Speed Launcher] “c:\program files\adobe\reader 8.0\reader\Reader_sl.exe”
mRun: [Adobe ARM] “c:\program files\common files\adobe\arm\1.0\AdobeARM.exe”
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10h_ActiveX.exe -update activex
StartupFolder: c:\docume~1\torbjr~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi.exe
uPolicies-explorer: NoSMHelp = 01000000
uPolicies-explorer: NoLogoff = 01000000
uPolicies-explorer: NoSMMyDocs = 01000000
uPolicies-explorer: NoSMMyPictures = 01000000
IE: E&ksporter; til Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000
IE: Google Sidewiki ... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - c:\games\poker\partygaming\partygammon\RunBackGammon.exe
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\games\poker\partygaming\partypoker\RunApp.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\bluetooth-widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {02011FE3-C22B-451d-9A25-BF4DBB38B8E7} - {2A947D7C-8B9F-457d-95B6-5D76CC1B7804} - c:\windows\downloaded program files\fcplugin.dll
Trusted Zone: mousebreaker.com\www
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} - hxxp://downol.dr.dk/download/netradio/Rawflow.cab
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://go.microsoft.com/fwlink/?linkid=58813
DPF: {0835BC90-6ABC-4F52-A103-4FC3A61F2C33} - hxxp://www.albatross18.com/season2/cabs/A18X.ocx
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9}
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} - hxxp://www.worldwinner.com/games/v47/skillgam/skillgam.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} - hxxp://www.streamplug.com/StreamPlug/SP.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab
DPF: {4AB16005-E995-4A60-89DE-8B8A3E6EB5B0} - hxxp://www.worldwinner.com/games/v56/trivialpursuit/trivialpursuit.cab
DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} - hxxp://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179151264062
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1181232373484
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.18.0.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} - hxxp://www.worldwinner.com/games/v51/bejeweledtwist/bejeweledtwist.cab
DPF: {9C196458-4145-46AF-8A77-1506878DFECA} - ftp://ftp.sektornet.dk/sektornet/skolekom/fcplugin.cab
DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - hxxp://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://ax.emsisoft.com/asquared.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54}
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - hxxps://signin9.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} - hxxp://www.skolenvedsoerne.dk/Li/_includes/XUpload.ocx
DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} - hxxp://driveragent.com/files/driveragent.cab
DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} - hxxps://netbank.danskebank.dk/html/activex/danskesikker/DB/DanskeSikker.cab
DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://bellerock.microgaming.com/freeplay/FlashAX2.cab
Handler: fcp - {B3133379-8789-4d3c-9593-C205D7297501} - c:\windows\downloaded program files\fcplugin.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
Notify: OPXPGina - c:\program files\softex\omnipass\opxpgina.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {8D8BB7AA-34B8-4058-85C7-5F750A62BE2D} - c:\windows\system32\msiexec.exe /fup {8D8BB7AA-34B8-4058-85C7-5F750A62BE2D} /q

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-8-8 165456]
R1 CPEb;CPEB;c:\windows\system32\drivers\CPEb.sys [2006-2-23 8192]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-8-9 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-8-8 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-8-8 40384]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-8-8 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-8-8 40384]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-5-14 36352]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-7-7 14904]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys—> c:\windows\system32\drivers\Lbd.sys [?]
S2 gupdate;Tjenesten Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-2 135664]
S3 CamFilter;CamFilter;c:\windows\system32\drivers\CamFilter.sys [2007-5-14 16640]
S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [2010-1-2 131072]
S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2010-1-2 79104]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-10-4 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-10-4 8320]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service—> c:\windows\system32\GameMon.des -service [?]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [2008-1-22 30464]
S3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\wpro_40_1340.sys—> c:\windows\system32\drivers\WPRO_40_1340.sys [?]
S3 XDva281;XDva281;\??\c:\windows\system32\xdva281.sys—> c:\windows\system32\XDva281.sys [?]
S4 Boonty Games;Boonty Games;c:\program files\common files\boonty shared\service\Boonty.exe [2010-1-3 69120]

=============== Created Last 30 ================

2010-08-15 18:18:29   0   d——-w-  c:\program files\hijack
2010-08-15 17:00:30   0   d——-w-  c:\docume~1\torbjr~1\applic~1\Malwarebytes
2010-08-15 17:00:16   38224   ——a-w-  c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-15 17:00:15   0   d——-w-  c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-08-15 17:00:14   20952   ——a-w-  c:\windows\system32\drivers\mbam.sys
2010-08-15 17:00:14   0   d——-w-  c:\program files\Malwarebytes’ Anti-Malware
2010-08-15 16:44:01   0   d——-w-  c:\program files\Secunia
2010-08-14 10:40:53   0   d-sh—w-  c:\documents and settings\torbjørn\PrivacIE
2010-08-09 13:58:05   142592   ——a-w-  c:\windows\system32\drivers\sp_rsdrv2.sys
2010-08-09 13:58:01   0   d——-w-  c:\docume~1\torbjr~1\applic~1\Spyware Terminator
2010-08-09 13:57:47   0   d——-w-  c:\docume~1\alluse~1\applic~1\Spyware Terminator
2010-08-09 13:57:45   0   d——-w-  c:\program files\Spyware Terminator
2010-08-08 10:37:42   28880   ——a-w-  c:\windows\system32\drivers\aavmker4.sys
2010-08-08 10:37:09   38848   ——a-w-  c:\windows\avastSS.scr
2010-08-08 10:36:52   0   d——-w-  c:\docume~1\alluse~1\applic~1\Alwil Software
2010-07-30 03:30:49   0   d——-w-  c:\docume~1\alluse~1\applic~1\Youdagames
2010-07-27 20:22:15   0   d——-w-  c:\program files\AWS
2010-07-27 20:22:07   0   d——-w-  c:\program files\GameSpy Arcade

==================== Find3M ====================

2010-08-15 17:49:27   10747904   ——a-w-  c:\documents and settings\torbjørn\ntuser.dat
2010-07-07 14:05:32   14904   ——a-w-  c:\windows\system32\drivers\psi_mf.sys
2010-06-30 20:07:22   292208   ——a-w-  c:\windows\system32\YSys.dll
2010-06-30 12:31:35   149504   ——a-w-  c:\windows\system32\schannel.dll
2010-06-24 12:22:03   916480   ——a-w-  c:\windows\system32\wininet.dll
2010-06-23 13:44:04   1851904   ——a-w-  c:\windows\system32\win32k.sys
2010-06-21 15:27:11   354304   ——a-w-  c:\windows\system32\drivers\srv.sys
2010-06-17 14:03:00   80384   ——a-w-  c:\windows\system32\iccvid.dll
2010-06-14 07:41:45   1172480   ——a-w-  c:\windows\system32\msxml3.dll
2010-06-06 12:18:13   138056   ——a-w-  c:\docume~1\torbjr~1\applic~1\PnkBstrK.sys
2008-03-27 15:28:45   14290   ——a-w-  c:\program files\settings.dat
2008-03-24 23:31:36   0   ——a-w-  c:\program files\temp01
2008-07-18 20:18:36   80   —sh—r-  c:\windows\system32\3FB25DEACE.dll

============= FINISH: 21:26:31,56 ===============

 

 

 

 

OG Attach


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 14-05-2007 14:01:51
System Uptime: 15-08-2010 20:10:53 (1 hours ago)

Motherboard: COMPAL |  | HEL8X
Processor: Intel(R) Celeron(R) M CPU     430 @ 1.73GHz | U2E1 | 1728/mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 112 GiB total, 46,124 GiB free.
D: is CDROM ()
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1045: 10-08-2010 17:37:27 - Fjernede Apple Software Update
RP1046: 10-08-2010 17:40:10 - Fjernede iTunes
RP1047: 10-08-2010 17:42:22 - Fjernede MobileMe Control Panel
RP1048: 10-08-2010 17:43:21 - Removed SUPERAntiSpyware Free Edition
RP1049: 10-08-2010 17:43:47 - Removed System Requirements Lab
RP1050: 10-08-2010 17:44:24 - Removed System Requirements Lab
RP1051: 10-08-2010 17:45:07 - Removed Youda Survivor - Survey Version
RP1052: 12-08-2010 16:55:56 - Software Distribution Service 3.0
RP1053: 12-08-2010 17:18:12 - Software Distribution Service 3.0
RP1054: 14-08-2010 09:59:55 - Software Distribution Service 3.0
RP1055: 14-08-2010 19:12:07 - Software Distribution Service 3.0
RP1056: 15-08-2010 09:47:28 - Software Distribution Service 3.0
RP1057: 15-08-2010 18:07:57 - Software Distribution Service 3.0
RP1058: 15-08-2010 20:18:28 - Installed HiJackThis

==== Installed Programs ======================


Adobe AIR
Adobe Digital Editions
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.2.3
Adobe Shockwave Player 11.5
Adobe SVG Viewer 3.0
Agere Systems HDA Modem
avast! Free Antivirus
Battlefield Heroes
Bejeweled 2 Deluxe 1.0
Caplio Software
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
dBpoweramp m4a Codec
dBpoweramp Music Converter
DivX Converter
DivX Setup
erLT
Facebook Plug-In
Fingerprint Sensor Minimum Install
FLV Player 1.3.3
Full Tilt Poker
GameSpy Arcade
GameTap Web Player
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Grand Theft Auto
Green Valley Fun on the Farm
Hamachi 1.0.2.5
Heroes of Might and Magic V
HiJackThis
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format SDK (KB902344)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Indeo® software
Inst5657
Integrated Camera
Intel(R) PROSet/Wireless Software
Irodio Photo & Video Studio
Java(TM) 6 Update 17
Kabobo
Kings Bounty Armored Princess
KTP Ware PS/2-WDM 5.0.3.6
LaserJet 1020 series
LifeView MVP
Logitech SetPoint 6.0
Magic Online III
Malwarebytes’ Anti-Malware
MathType 5
mCore
mDriver
mDrWiFi
mEoU
Mermaid Poker
mHelp
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Compatibility Toolkit 5.0
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Bootvis
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Connection Manager
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office XP Professional
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.7
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MiniRacingOnline
mIWA
mLogView
mMHouse
Monopoly Tycoon v1.4 Patch
mPfMgr
mPfWiz
mProSafe
MSVC80_x86
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB954459)
Multimedia Designer Addon
mWlsSafe
mXML
mZConfig
Nokia Connectivity Cable Driver
Nokia Ovi Player
Nokia PC Suite
Nokia Software Updater
Nokia_Multimedia_Common_Components_2_5
NordicBet Poker
NVIDIA Drivers
NVIDIA nTune
NVIDIA PhysX
OmniPass 4.00.32
OpenAL
Pando Media Booster
ParadisePoker
PartyGammon
PartyPoker
PC Connectivity Solution
Peggle Nights Deluxe
Picture Resize Genius 2.7.3
PokerStars
Puzzle Quest - Challenge of the Warlords
QuickTime
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Scandic Bookmakers Poker
ScummVM 0.10.0
Secunia PSI
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 8 (KB917734)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Segoe UI
Sid Meier’s Civilization 4
Sid Meier’s Civilization 4 - Beyond the Sword
Sidewalker
SkoleKom FirstClass Client 8.204
Smart Watchdog
Spelling Dictionaries Support For Adobe Reader 8
Spyware Terminator
SSIII Solo Ultratus 1.1
TetrisZone
ThinkPad 11a/b/g/n Wireless LAN Mini-PCI Express Adapter
Timershot Powertoy for Windows XP
TmNationsForever Update 2010-03-15
Torchlight
Trillian
TuneUp Utilities 2009
Tweakui Powertoy for Windows XP
Unibet Poker
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB973874)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB980302)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows Internet Explorer 8 (KB982664)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.4053
Veoh Web Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
WIDCOMM Bluetooth Software
Windows Driver Package - Nokia Modem (03/05/2008 3.7)
Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1)
Windows Driver Package - Nokia Modem (05/22/2008 3.8)
Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1)
Windows Driver Package - Nokia Modem (06/01/2009 4.1)
Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.3)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Imaging Component
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
WinRAR archiver
WinSCP 4.0.2 beta
Wireless Select Switch
WowAceUpdater
XML Paper Specification Shared Components Pack 1.0
Yummy Games

==== Event Viewer Messages From Past Week ========

15-08-2010 20:15:36, error: System Error [1003]  - Error code 1000000a, parameter1 b8417ab8, parameter2 00000002, parameter3 00000000, parameter4 804e60bc.
15-08-2010 20:06:44, error: System Error [1003]  - Error code 00000006, parameter1 00000000, parameter2 00000000, parameter3 00000000, parameter4 00000000.
15-08-2010 18:15:03, error: MRxSmb [8003]  - The master browser has received a server announcement from the computer LLCOOLJAY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8D26E026-D585-4516. The master browser is stopping or an election is being forced.
14-08-2010 18:53:26, error: Service Control Manager [7034]  - The Intel(R) PROSet/Wireless Event Log service terminated unexpectedly.  It has done this 1 time(s).
14-08-2010 12:39:55, error: System Error [1003]  - Error code 0000000a, parameter1 b7ebdaac, parameter2 00000002, parameter3 00000001, parameter4 804fd047.
14-08-2010 10:21:42, error: System Error [1003]  - Error code 0000000a, parameter1 b6d44aa8, parameter2 00000002, parameter3 00000001, parameter4 804fd04a.
12-08-2010 16:56:13, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Office Genuine Advantage Notifications (KB949810).
12-08-2010 16:37:06, error: System Error [1003]  - Error code 1000000a, parameter1 b83b0aa8, parameter2 00000002, parameter3 00000001, parameter4 804fd02a.
12-08-2010 06:42:34, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
12-08-2010 06:42:34, error: Service Control Manager [7000]  - The IMAPI CD-Burning COM Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11-08-2010 07:13:35, error: System Error [1003]  - Error code 1000008e, parameter1 c0000005, parameter2 312f3030, parameter3 b68a1c8c, parameter4 00000000.
11-08-2010 07:03:57, error: System Error [1003]  - Error code 1000000a, parameter1 b86cfaac, parameter2 00000002, parameter3 00000001, parameter4 804fd027.
11-08-2010 06:51:05, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Lbd
11-08-2010 06:50:36, error: DCOM [10005]  - DCOM got error “58” attempting to start the service upnphost with arguments “” in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
10-08-2010 18:54:29, error: System Error [1003]  - Error code 1000000a, parameter1 b718faa8, parameter2 00000002, parameter3 00000001, parameter4 804fd02a.
10-08-2010 18:50:20, error: ACPIEC [1]  - \Device\ACPIEC: The embedded controller (EC) hardware didn’t respond within the timeout period.  This may indicate an error in the EC hardware or firmware, or possibly a poorly designed BIOS which accesses the EC in an unsafe manner.  The EC driver will retry the failed transaction if possible.
09-08-2010 17:16:32, error: System Error [1003]  - Error code 1000008e, parameter1 c0000005, parameter2 00000000, parameter3 b6f29c8c, parameter4 00000000.
08-08-2010 20:00:50, error: Dhcp [1002]  - The IP address lease 192.168.1.2 for the Network Card with network address 0015AF24B445 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
08-08-2010 11:37:47, error: System Error [1003]  - Error code 1000000a, parameter1 b87f7aa8, parameter2 00000002, parameter3 00000001, parameter4 804fd02a.

==== End Of File ===========================

Administrator
Antal indlæg: 8531

Jwg vil råde til at du får lavet et god “backup” inden vi fortsætter.
Dit system er ret ustabilt

Signatur

Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !

  GunnerG
Antal indlæg: 62

Ok - har ellers truet den med at den bliver solgt til en pige, men det hjælper heller ikke.
Har desværre ikke tid i aften, men vil se på det snarest. Så vender jeg tilbage. Det bliver nok i morgen eller i weekenden.

Har i en anbefaling til et gratis backup tool - det gør vel ikke noget det bliver til ekstern hd, fremfor online?
Indtil videre så tak for hjælpen.

Administrator
Avatar
Antal indlæg: 36034

Hent Combofix, og gem den på dit skrivebord:
ComboFix


Luk alle andre vinduer ned.

Kør så combofix.exe, og følg anvisningerne.

Når du får denne besked:
http://img.photobucket.com/albums/v666/sUBs/RC_update.png

Svarer du enten Ja eller Nej. Det er tilrådeligt at du siger Ja. Uanset hvad du svarer, har det ingen indflydelse på combofix scanningen.

Du må ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.

Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt som ligger her C: Combofix txt

Indholdet af denne fil må du gerne lægge herind

Da de er forholdsvis lange, kan du blive nødt til at sende dem i flere indlæg.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  GunnerG
Antal indlæg: 62

hej
Her er del 1 af combolog

ComboFix 10-08-19.02 - Torbjørn 21-08-2010   0:08.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.45.1033.18.1022.671 [GMT 2:00]
Kører fra: c:\documents and settings\Torbjørn\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.

(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Torbjørn\Recent\Thumbs.db
C:\Thumbs.db
c:\windows\server.txt
c:\windows\system32\srcr.dat
c:\windows\system32\Temp

.
\\.\PhysicalDrive0 - Bootkit Whistler was found and disinfected
.
\\.\PhysicalDrive0 - Bootkit Whistler was found and disinfected
.
(((((((((((((((((((((((((((((((((((((((  Drivers/Tjenester   )))))))))))))))))))))))))))))))))))))))))))))))))
.

———-\Legacy_BOONTY_GAMES
———-\Service_Boonty Games


(((((((((((((((((((((((((((((  Filer skabt fra 2010-07-20 til 2010-08-20 )))))))))))))))))))))))))))))))))))
.

2010-08-15 18:18 . 2010-08-15 18:18   ————  d——-w-  c:\program files\hijack
2010-08-15 17:00 . 2010-04-29 13:39   38224   ——a-w-  c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-15 17:00 . 2010-08-15 17:00   ————  d——-w-  c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-15 17:00 . 2010-08-15 17:00   ————  d——-w-  c:\program files\Malwarebytes’ Anti-Malware
2010-08-15 17:00 . 2010-04-29 13:39   20952   ——a-w-  c:\windows\system32\drivers\mbam.sys
2010-08-15 16:44 . 2010-08-15 16:44   ————  d——-w-  c:\program files\Secunia
2010-08-09 13:58 . 2010-08-09 13:58   142592   ——a-w-  c:\windows\system32\drivers\sp_rsdrv2.sys
2010-08-09 13:57 . 2010-08-13 13:41   ————  d——-w-  c:\documents and settings\All Users\Application Data\Spyware Terminator
2010-08-09 13:57 . 2010-08-09 14:18   ————  d——-w-  c:\program files\Spyware Terminator
2010-08-08 10:37 . 2010-06-28 20:37   165456   ——a-w-  c:\windows\system32\drivers\aswSP.sys
2010-08-08 10:37 . 2010-06-28 20:32   17744   ——a-w-  c:\windows\system32\drivers\aswFsBlk.sys
2010-08-08 10:37 . 2010-06-28 20:33   23376   ——a-w-  c:\windows\system32\drivers\aswRdr.sys
2010-08-08 10:37 . 2010-06-28 20:37   46672   ——a-w-  c:\windows\system32\drivers\aswTdi.sys
2010-08-08 10:37 . 2010-06-28 20:32   100176   ——a-w-  c:\windows\system32\drivers\aswmon2.sys
2010-08-08 10:37 . 2010-06-28 20:32   94544   ——a-w-  c:\windows\system32\drivers\aswmon.sys
2010-08-08 10:37 . 2010-06-28 20:32   28880   ——a-w-  c:\windows\system32\drivers\aavmker4.sys
2010-08-08 10:37 . 2010-06-28 20:57   38848   ——a-w-  c:\windows\avastSS.scr
2010-08-08 10:37 . 2010-06-28 20:57   165032   ——a-w-  c:\windows\system32\aswBoot.exe
2010-08-08 10:36 . 2010-08-08 10:36   ————  d——-w-  c:\program files\Alwil Software
2010-08-08 10:36 . 2010-08-08 10:36   ————  d——-w-  c:\documents and settings\All Users\Application Data\Alwil Software
2010-08-07 20:25 . 2010-08-07 20:25   ————  d-sh—w-  c:\windows\system32\config\systemprofile\PrivacIE
2010-08-04 08:37 . 2010-08-04 08:37   ————  d-sh—w-  c:\documents and settings\LocalService\PrivacIE
2010-08-02 10:54 . 2010-08-02 10:54   ————  d——-w-  c:\documents and settings\LocalService\Local Settings\Application Data\Google
2010-07-30 13:25 . 2010-07-30 13:25   ————  d-sh—w-  c:\documents and settings\NetworkService\IETldCache
2010-07-30 13:23 . 2010-08-02 13:25   ————  d——-w-  c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2010-07-30 13:23 . 2010-07-30 13:23   ————  d-sh—w-  c:\documents and settings\NetworkService\PrivacIE
2010-07-30 03:30 . 2010-07-30 03:30   ————  d——-w-  c:\documents and settings\All Users\Application Data\Youdagames
2010-07-27 20:22 . 2010-07-27 20:22   ————  d——-w-  c:\program files\AWS
2010-07-27 20:22 . 2010-07-27 20:22   ————  d——-w-  c:\program files\GameSpy Arcade

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-18 16:29 . 2007-05-21 11:28   ————  d——-w-  c:\program files\SkoleKom
2010-08-13 13:47 . 2010-06-26 18:22   ————  d——-w-  c:\documents and settings\All Users\Application Data\TrackMania
2010-08-10 16:39 . 2010-07-11 02:46   412976   ——a-w-  c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-08-10 15:43 . 2007-05-14 19:06   ————  d——-w-  c:\program files\Common Files\Wise Installation Wizard
2010-08-10 15:43 . 2008-01-29 15:30   ————  d——-w-  c:\program files\SUPERAntiSpyware
2010-08-10 15:37 . 2007-06-22 17:34   ————  d——-w-  c:\program files\Apple Software Update
2010-08-10 15:37 . 2008-02-28 00:15   ————  d——-w-  c:\documents and settings\All Users\Application Data\Lavasoft
2010-08-10 15:37 . 2007-05-14 19:07   ————  d——-w-  c:\program files\Lavasoft
2010-08-02 01:38 . 2007-11-12 14:09   ————  d——-w-  c:\program files\Google
2010-07-29 18:52 . 2007-05-27 14:02   44   ——a-w-  c:\windows\popcinfo.dat
2010-07-29 09:44 . 2008-01-10 19:44   ————  d——-w-  c:\program files\EzGenerator3
2010-07-17 02:17 . 2009-10-03 13:30   ————  d——-w-  c:\program files\VS Revo Group
2010-07-17 02:10 . 2010-07-08 10:04   ————  d——-w-  c:\program files\GamersFirst
2010-07-17 02:10 . 2009-12-03 15:03   ————  d——-w-  c:\documents and settings\All Users\Application Data\Electronic Arts
2010-07-17 02:10 . 2009-12-03 14:47   ————  d——-w-  c:\program files\Electronic Arts
2010-07-17 02:10 . 2009-05-23 10:04   ————  d——-w-  c:\program files\Duplicate Music Files Finder
2010-07-14 18:02 . 2009-07-29 15:42   ————  d——-w-  c:\program files\DOSBox-0.73
2010-07-12 12:59 . 2010-07-10 12:11   ————  d——-w-  c:\program files\GameTap Web Player
2010-07-11 10:41 . 2010-06-17 17:48   ————  d——-w-  c:\documents and settings\All Users\Application Data\DivX
2010-07-11 10:40 . 2007-05-15 19:28   ————  d——-w-  c:\program files\DivX
2010-07-11 00:16 . 2010-07-11 00:13   ————  d——-w-  c:\program files\Yummy Games
2010-07-07 16:50 . 2010-07-07 16:50   ————  d——-w-  c:\documents and settings\All Users\Application Data\Cateia Games
2010-07-07 14:05 . 2010-07-07 14:05   14904   ——a-w-  c:\windows\system32\drivers\psi_mf.sys
2010-07-06 11:41 . 2009-07-15 10:59   ————  d——-w-  c:\program files\RealArcade
2010-07-03 21:46 . 2007-08-20 20:22   ————  d——-w-  c:\documents and settings\All Users\Application Data\Intenium
2010-06-30 20:07 . 2010-07-10 12:11   292208   ——a-w-  c:\windows\system32\YSys.dll
2010-06-30 12:31 . 2003-03-31 12:00   149504   ——a-w-  c:\windows\system32\schannel.dll
2010-06-24 12:22 . 2006-06-23 09:33   916480   ——a-w-  c:\windows\system32\wininet.dll
2010-06-23 13:44 . 2003-03-31 12:00   1851904   ——a-w-  c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2003-03-31 12:00   354304   ——a-w-  c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2003-03-31 12:00   80384   ——a-w-  c:\windows\system32\iccvid.dll
2010-06-14 07:41 . 2006-09-13 05:09   1172480   ——a-w-  c:\windows\system32\msxml3.dll
2010-06-03 15:59 . 2010-06-03 15:59   16400   ——a-w-  c:\windows\system32\drivers\LNonPnP.sys
2010-05-29 23:42 . 2009-10-05 19:36   44   ——a-w-  c:\windows\popcinfot.dat
2008-03-27 15:28 . 2008-03-27 15:28   14290   ——a-w-  c:\program files\settings.dat
2008-03-24 23:31 . 2008-03-24 23:31   0   ——a-w-  c:\program files\temp01
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“NVIDIA nTune”=“c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe” [2007-04-04 81920]
“swg”=“c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2007-11-19 68856]
“Google Update”=“c:\documents and settings\Torbjørn\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” [2010-08-02 135664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“nwiz”=“nwiz.exe” [2009-01-30 1657376]
“NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2009-01-30 13594624]
“KTPWare”=“c:\program files\Elantech\ktp.exe” [2006-03-28 512000]
“IntelWireless”=“c:\program files\Intel\Wireless\Bin\ifrmewrk.exe” [2006-04-14 602182]
“IntelliPoint”=“c:\program files\Microsoft IntelliPoint\ipoint.exe” [2007-02-05 849280]
“EOUApp”=“c:\program files\Intel\Wireless\Bin\EOUWiz.exe” [2006-04-14 569413]
“NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2009-01-30 86016]
“RTHDCPL”=“RTHDCPL.EXE” [2007-12-20 16860672]
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe” [2010-06-17 40368]
“Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2010-06-09 976832]
“EvtMgr6”=“c:\program files\Logitech\SetPointP\SetPoint.exe” [2010-01-27 1312848]
“avast5”=“c:\progra~1\ALWILS~1\Avast5\avastUI.exe” [2010-06-28 2837864]
“QuickTime Task”=“c:\program files\QuickTime\qttask.exe” [2009-01-05 413696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“c:\windows\System32\CTFMON.EXE” [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
“FlashPlayerUpdate”=“c:\windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe” [2010-07-06 231888]

c:\documents and settings\Torbj›rn\Start Menu\Programs\Startup\
Secunia PSI.lnk - c:\program files\Secunia\PSI\psi.exe [2010-7-21 965176]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
“NoSMHelp”= 01000000
“NoLogoff”= 01000000
“NoSMMyDocs”= 01000000
“NoSMMyPictures”= 01000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
“UIHost”=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,\

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-01-29 21:17   64592   ——a-w-  c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina]
2006-04-19 10:08   49152   ——a-w-  c:\program files\Softex\OmniPass\OPXPGina.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=”“

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
backup=c:\windows\pss\GamersFirst LIVE!.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^RICOH Gate La.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\RICOH Gate La.lnk
backup=c:\windows\pss\RICOH Gate La.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Torbjørn^Start Menu^Programs^Startup^Trillian.lnk]
backup=c:\windows\pss\Trillian.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidewalker
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Turbine Download Manager Tray Icon

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-06-03 00:50   1144104   ——a-w-  c:\program files\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2009-11-06 15:00   2090272   ——a-w-  c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OmniPass]
2006-04-19 10:12   2084864   ——a-w-  c:\program files\Softex\OmniPass\scureapp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-06-25 13:12   1414144   ——a-w-  c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-01-05 14:18   413696   ——a-w-  c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
“IFXTCS”=2 (0x2)
“IFXSpMgtSrv”=2 (0x2)
“LiveTurbineNetworkService”=3 (0x3)
“LiveTurbineMessageService”=2 (0x2)
“iPod Service”=3 (0x3)
“Bonjour Service”=2 (0x2)
“Lavasoft Ad-Aware Service”=3 (0x3)
“Boonty Games”=3 (0x3)
“Apple Mobile Device”=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
“PC Suite Tray”=“c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe” -onlytray
“Nokia.PCSync”=“c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe” /NoDialog
“swg”=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
“Google Update”=“c:\documents and settings\Torbjørn\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” /c
“IDMan”=c:\program files\Internet Download Manager\IDMan.exe /onboot

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
“Kernel and Hardware Abstraction Layer”=KHALMNPR.EXE
“Logitech Hardware Abstraction Layer”=KHALMNPR.EXE
“Alcmtr”=ALCMTR.EXE
“iTunesHelper”=“c:\program files\iTunes\iTunesHelper.exe”
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
“IntelZeroConfig”=“c:\program files\Intel\Wireless\bin\ZCfgSvc.exe”
“SoundMan”=SOUNDMAN.EXE
“snp2std”=c:\windows\vsnp2std.exe
“AppleSyncNotifier”=c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
“DTVRemote”=“c:\program files\LifeView MVP\RemoteControl.exe”
“tsnp2std”=c:\windows\System32\tsnp2std.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
“QuickTime Task”=“c:\program files\QuickTime\qttask.exe” -atboottime

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\\system32\\sessmgr.exe”=
“c:\\games\\poker\\Full Tilt Poker\\FullTiltPoker.exe”=
“c:\\games\\poker\\UnibetpokerMPP\\MPPoker.exe”=
“c:\\Program Files\\Caplio Software\\RGateLXP.exe”=
“c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe”=
“c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe”=
“c:\\games\\TmNationsForever\\TmForever.exe”=
“c:\\WINDOWS\\system32\\dpnsvr.exe”=
“c:\\games\\magicg\\Magic\\ManaLink.exe”=
“%windir%\\Network Diagnostic\\xpnetdiag.exe”=
“c:\\Program Files\\Java\\jre6\\bin\\java.exe”=
“c:\\games\\Firaxis Games\\Sid Meier’s Civilization 4\\Civilization4.exe”=
“c:\\games\\Firaxis Games\\Sid Meier’s Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe”=
“c:\\games\\Firaxis Games\\Sid Meier’s Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe”=
“c:\\WINDOWS\\system32\\dplaysvr.exe”=
“c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe”=
“c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe”=
“c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe”=
“c:\\games\\MiniRacingOnline\\MiniRacingOnLine.exe”=
“c:\\games\\poc\\poc2008\\Poc3D2008.exe”=
“c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe”=
“c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe”=
“c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe”=
“c:\\WINDOWS\\system32\\dpvsetup.exe”=
“c:\\Program Files\\GameTap Web Player\\bin\\release\\GameTapPlayer.exe”=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“13448:TCP”= 13448:TCP:BitComet 13448 TCP
“13448:UDP”= 13448:UDP:BitComet 13448 UDP
“2100:TCP”= 2100:TCP:poker
“6112:TCP”= 6112:TCP:Blizzard Downloader
“3724:TCP”= 3724:TCP:Blizzard Downloader: 3724
“1119:TCP”= 1119:TCP:wow
“6881:TCP”= 6881:TCP:wow2
“6999:TCP”= 6999:TCP:wow3

R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R2 gupdate;Tjenesten Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-02 135664]
R3 CamFilter;CamFilter;c:\windows\system32\Drivers\CamFilter.sys [2007-05-14 16640]
R3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNt.sys [2008-10-17 131072]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2008-10-17 79104]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2009-09-17 3397716]
R3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl.sys [2008-01-15 30464]
R3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\WPRO_40_1340.sys [x]
R3 XDva281;XDva281;c:\windows\system32\XDva281.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2007-10-14 685816]
S1 aswSP;aswSP; [x]
S1 CPEb;CPEb;c:\windows\system32\drivers\CPEb.sys [2006-02-23 8192]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-08-09 142592]
S2 aswFsBlk;aswFsBlk; [x]
S3 IFXTPM;IFXTPM;c:\windows\system32\DRIVERS\IFXTPM.SYS [2005-10-21 36352]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-07-07 14904]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8D8BB7AA-34B8-4058-85C7-5F750A62BE2D}]
2008-04-14 00:12   78848   ——a-w-  c:\windows\system32\msiexec.exe
.
Indhold af mappen ‘Planlagte Opgaver’

2009-09-24 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2010-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cb323110bcba02.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-02 01:38]

2010-02-25 c:\windows\Tasks\Install_NSS.job
- c:\program files\DivX\Symantec\scstubinstaller.exe [2009-11-14 00:49]

2010-03-13 c:\windows\Tasks\User_Feed_Synchronization-{0E6DA7FE-331B-4EE4-BE37-B4B9DE8F29D9}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]

2009-09-24 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-03-31 20:18]
.omboFix 10-08-19.02 - Torbjørn 21-08-2010   0:08.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.45.1033.18.1022.671 [GMT 2:00]
Kører fra: c:\documents and settings\Torbjørn\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.

(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Torbjørn\Recent\Thumbs.db
C:\Thumbs.db
c:\windows\server.txt
c:\windows\system32\srcr.dat
c:\windows\system32\Temp

.
\\.\PhysicalDrive0 - Bootkit Whistler was found and disinfected
.
\\.\PhysicalDrive0 - Bootkit Whistler was found and disinfected
.
(((((((((((((((((((((((((((((((((((((((  Drivers/Tjenester   )))))))))))))))))))))))))))))))))))))))))))))))))
.

———-\Legacy_BOONTY_GAMES
———-\Service_Boonty Games


(((((((((((((((((((((((((((((  Filer skabt fra 2010-07-20 til 2010-08-20 )))))))))))))))))))))))))))))))))))
.

2010-08-15 18:18 . 2010-08-15 18:18   ————  d——-w-  c:\program files\hijack
2010-08-15 17:00 . 2010-04-29 13:39   38224   ——a-w-  c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-15 17:00 . 2010-08-15 17:00   ————  d——-w-  c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-15 17:00 . 2010-08-15 17:00   ————  d——-w-  c:\program files\Malwarebytes’ Anti-Malware
2010-08-15 17:00 . 2010-04-29 13:39   20952   ——a-w-  c:\windows\system32\drivers\mbam.sys
2010-08-15 16:44 . 2010-08-15 16:44   ————  d——-w-  c:\program files\Secunia
2010-08-09 13:58 . 2010-08-09 13:58   142592   ——a-w-  c:\windows\system32\drivers\sp_rsdrv2.sys
2010-08-09 13:57 . 2010-08-13 13:41   ————  d——-w-  c:\documents and settings\All Users\Application Data\Spyware Terminator
2010-08-09 13:57 . 2010-08-09 14:18   ————  d——-w-  c:\program files\Spyware Terminator
2010-08-08 10:37 . 2010-06-28 20:37   165456   ——a-w-  c:\windows\system32\drivers\aswSP.sys
2010-08-08 10:37 . 2010-06-28 20:32   17744   ——a-w-  c:\windows\system32\drivers\aswFsBlk.sys
2010-08-08 10:37 . 2010-06-28 20:33   23376   ——a-w-  c:\windows\system32\drivers\aswRdr.sys
2010-08-08 10:37 . 2010-06-28 20:37   46672   ——a-w-  c:\windows\system32\drivers\aswTdi.sys
2010-08-08 10:37 . 2010-06-28 20:32   100176   ——a-w-  c:\windows\system32\drivers\aswmon2.sys
2010-08-08 10:37 . 2010-06-28 20:32   94544   ——a-w-  c:\windows\system32\drivers\aswmon.sys
2010-08-08 10:37 . 2010-06-28 20:32   28880   ——a-w-  c:\windows\system32\drivers\aavmker4.sys
2010-08-08 10:37 . 2010-06-28 20:57   38848   ——a-w-  c:\windows\avastSS.scr
2010-08-08 10:37 . 2010-06-28 20:57   165032   ——a-w-  c:\windows\system32\aswBoot.exe
2010-08-08 10:36 . 2010-08-08 10:36   ————  d——-w-  c:\program files\Alwil Software
2010-08-08 10:36 . 2010-08-08 10:36   ————  d——-w-  c:\documents and settings\All Users\Application Data\Alwil Software
2010-08-07 20:25 . 2010-08-07 20:25   ————  d-sh—w-  c:\windows\system32\config\systemprofile\PrivacIE
2010-08-04 08:37 . 2010-08-04 08:37   ————  d-sh—w-  c:\documents and settings\LocalService\PrivacIE
2010-08-02 10:54 . 2010-08-02 10:54   ————  d——-w-  c:\documents and settings\LocalService\Local Settings\Application Data\Google
2010-07-30 13:25 . 2010-07-30 13:25   ————  d-sh—w-  c:\documents and settings\NetworkService\IETldCache
2010-07-30 13:23 . 2010-08-02 13:25   ————  d——-w-  c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2010-07-30 13:23 . 2010-07-30 13:23   ————  d-sh—w-  c:\documents and settings\NetworkService\PrivacIE
2010-07-30 03:30 . 2010-07-30 03:30   ————  d——-w-  c:\documents and settings\All Users\Application Data\Youdagames
2010-07-27 20:22 . 2010-07-27 20:22   ————  d——-w-  c:\program files\AWS
2010-07-27 20:22 . 2010-07-27 20:22   ————  d——-w-  c:\program files\GameSpy Arcade

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-18 16:29 . 2007-05-21 11:28   ————  d——-w-  c:\program files\SkoleKom
2010-08-13 13:47 . 2010-06-26 18:22   ————  d——-w-  c:\documents and settings\All Users\Application Data\TrackMania
2010-08-10 16:39 . 2010-07-11 02:46   412976   ——a-w-  c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-08-10 15:43 . 2007-05-14 19:06   ————  d——-w-  c:\program files\Common Files\Wise Installation Wizard
2010-08-10 15:43 . 2008-01-29 15:30   ————  d——-w-  c:\program files\SUPERAntiSpyware
2010-08-10 15:37 . 2007-06-22 17:34   ————  d——-w-  c:\program files\Apple Software Update
2010-08-10 15:37 . 2008-02-28 00:15   ————  d——-w-  c:\documents and settings\All Users\Application Data\Lavasoft
2010-08-10 15:37 . 2007-05-14 19:07   ————  d——-w-  c:\program files\Lavasoft
2010-08-02 01:38 . 2007-11-12 14:09   ————  d——-w-  c:\program files\Google
2010-07-29 18:52 . 2007-05-27 14:02   44   ——a-w-  c:\windows\popcinfo.dat
2010-07-29 09:44 . 2008-01-10 19:44   ————  d——-w-  c:\program files\EzGenerator3
2010-07-17 02:17 . 2009-10-03 13:30   ————  d——-w-  c:\program files\VS Revo Group
2010-07-17 02:10 . 2010-07-08 10:04   ————  d——-w-  c:\program files\GamersFirst
2010-07-17 02:10 . 2009-12-03 15:03   ————  d——-w-  c:\documents and settings\All Users\Application Data\Electronic Arts
2010-07-17 02:10 . 2009-12-03 14:47   ————  d——-w-  c:\program files\Electronic Arts
2010-07-17 02:10 . 2009-05-23 10:04   ————  d——-w-  c:\program files\Duplicate Music Files Finder
2010-07-14 18:02 . 2009-07-29 15:42   ————  d——-w-  c:\program files\DOSBox-0.73
2010-07-12 12:59 . 2010-07-10 12:11   ————  d——-w-  c:\program files\GameTap Web Player
2010-07-11 10:41 . 2010-06-17 17:48   ————  d——-w-  c:\documents and settings\All Users\Application Data\DivX
2010-07-11 10:40 . 2007-05-15 19:28   ————  d——-w-  c:\program files\DivX
2010-07-11 00:16 . 2010-07-11 00:13   ————  d——-w-  c:\program files\Yummy Games
2010-07-07 16:50 . 2010-07-07 16:50   ————  d——-w-  c:\documents and settings\All Users\Application Data\Cateia Games
2010-07-07 14:05 . 2010-07-07 14:05   14904   ——a-w-  c:\windows\system32\drivers\psi_mf.sys
2010-07-06 11:41 . 2009-07-15 10:59   ————  d——-w-  c:\program files\RealArcade
2010-07-03 21:46 . 2007-08-20 20:22   ————  d——-w-  c:\documents and settings\All Users\Application Data\Intenium
2010-06-30 20:07 . 2010-07-10 12:11   292208   ——a-w-  c:\windows\system32\YSys.dll
2010-06-30 12:31 . 2003-03-31 12:00   149504   ——a-w-  c:\windows\system32\schannel.dll
2010-06-24 12:22 . 2006-06-23 09:33   916480   ——a-w-  c:\windows\system32\wininet.dll
2010-06-23 13:44 . 2003-03-31 12:00   1851904   ——a-w-  c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2003-03-31 12:00   354304   ——a-w-  c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2003-03-31 12:00   80384   ——a-w-  c:\windows\system32\iccvid.dll
2010-06-14 07:41 . 2006-09-13 05:09   1172480   ——a-w-  c:\windows\system32\msxml3.dll
2010-06-03 15:59 . 2010-06-03 15:59   16400   ——a-w-  c:\windows\system32\drivers\LNonPnP.sys
2010-05-29 23:42 . 2009-10-05 19:36   44   ——a-w-  c:\windows\popcinfot.dat
2008-03-27 15:28 . 2008-03-27 15:28   14290   ——a-w-  c:\program files\settings.dat
2008-03-24 23:31 . 2008-03-24 23:31   0   ——a-w-  c:\program files\temp01
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“NVIDIA nTune”=“c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe” [2007-04-04 81920]
“swg”=“c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2007-11-19 68856]
“Google Update”=“c:\documents and settings\Torbjørn\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” [2010-08-02 135664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“nwiz”=“nwiz.exe” [2009-01-30 1657376]
“NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2009-01-30 13594624]
“KTPWare”=“c:\program files\Elantech\ktp.exe” [2006-03-28 512000]
“IntelWireless”=“c:\program files\Intel\Wireless\Bin\ifrmewrk.exe” [2006-04-14 602182]
“IntelliPoint”=“c:\program files\Microsoft IntelliPoint\ipoint.exe” [2007-02-05 849280]
“EOUApp”=“c:\program files\Intel\Wireless\Bin\EOUWiz.exe” [2006-04-14 569413]
“NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2009-01-30 86016]
“RTHDCPL”=“RTHDCPL.EXE” [2007-12-20 16860672]
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe” [2010-06-17 40368]
“Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2010-06-09 976832]
“EvtMgr6”=“c:\program files\Logitech\SetPointP\SetPoint.exe” [2010-01-27 1312848]
“avast5”=“c:\progra~1\ALWILS~1\Avast5\avastUI.exe” [2010-06-28 2837864]
“QuickTime Task”=“c:\program files\QuickTime\qttask.exe” [2009-01-05 413696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“c:\windows\System32\CTFMON.EXE” [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
“FlashPlayerUpdate”=“c:\windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe” [2010-07-06 231888]

c:\documents and settings\Torbj›rn\Start Menu\Programs\Startup\
Secunia PSI.lnk - c:\program files\Secunia\PSI\psi.exe [2010-7-21 965176]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
“NoSMHelp”= 01000000
“NoLogoff”= 01000000
“NoSMMyDocs”= 01000000
“NoSMMyPictures”= 01000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
“UIHost”=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,\

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-01-29 21:17   64592   ——a-w-  c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina]
2006-04-19 10:08   49152   ——a-w-  c:\program files\Softex\OmniPass\OPXPGina.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=”“

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
backup=c:\windows\pss\GamersFirst LIVE!.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^RICOH Gate La.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\RICOH Gate La.lnk
backup=c:\windows\pss\RICOH Gate La.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Torbjørn^Start Menu^Programs^Startup^Trillian.lnk]
backup=c:\windows\pss\Trillian.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidewalker
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Turbine Download Manager Tray Icon

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-06-03 00:50   1144104   ——a-w-  c:\program files\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2009-11-06 15:00   2090272   ——a-w-  c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OmniPass]
2006-04-19 10:12   2084864   ——a-w-  c:\program files\Softex\OmniPass\scureapp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-06-25 13:12   1414144   ——a-w-  c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-01-05 14:18   413696   ——a-w-  c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
“IFXTCS”=2 (0x2)
“IFXSpMgtSrv”=2 (0x2)
“LiveTurbineNetworkService”=3 (0x3)
“LiveTurbineMessageService”=2 (0x2)
“iPod Service”=3 (0x3)
“Bonjour Service”=2 (0x2)
“Lavasoft Ad-Aware Service”=3 (0x3)
“Boonty Games”=3 (0x3)
“Apple Mobile Device”=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
“PC Suite Tray”=“c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe” -onlytray
“Nokia.PCSync”=“c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe” /NoDialog
“swg”=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
“Google Update”=“c:\documents and settings\Torbjørn\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” /c
“IDMan”=c:\program files\Internet Download Manager\IDMan.exe /onboot

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
“Kernel and Hardware Abstraction Layer”=KHALMNPR.EXE
“Logitech Hardware Abstraction Layer”=KHALMNPR.EXE
“Alcmtr”=ALCMTR.EXE
“iTunesHelper”=“c:\program files\iTunes\iTunesHelper.exe”
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
“IntelZeroConfig”=“c:\program files\Intel\Wireless\bin\ZCfgSvc.exe”
“SoundMan”=SOUNDMAN.EXE
“snp2std”=c:\windows\vsnp2std.exe
“AppleSyncNotifier”=c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
“DTVRemote”=“c:\program files\LifeView MVP\RemoteControl.exe”
“tsnp2std”=c:\windows\System32\tsnp2std.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
“QuickTime Task”=“c:\program files\QuickTime\qttask.exe” -atboottime

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\\system32\\sessmgr.exe”=
“c:\\games\\poker\\Full Tilt Poker\\FullTiltPoker.exe”=
“c:\\games\\poker\\UnibetpokerMPP\\MPPoker.exe”=
“c:\\Program Files\\Caplio Software\\RGateLXP.exe”=
“c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe”=
“c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe”=
“c:\\games\\TmNationsForever\\TmForever.exe”=
“c:\\WINDOWS\\system32\\dpnsvr.exe”=
“c:\\games\\magicg\\Magic\\ManaLink.exe”=
“%windir%\\Network Diagnostic\\xpnetdiag.exe”=
“c:\\Program Files\\Java\\jre6\\bin\\java.exe”=
“c:\\games\\Firaxis Games\\Sid Meier’s Civilization 4\\Civilization4.exe”=
“c:\\games\\Firaxis Games\\Sid Meier’s Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe”=
“c:\\games\\Firaxis Games\\Sid Meier’s Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe”=
“c:\\WINDOWS\\system32\\dplaysvr.exe”=
“c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe”=
“c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe”=
“c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe”=
“c:\\games\\MiniRacingOnline\\MiniRacingOnLine.exe”=
“c:\\games\\poc\\poc2008\\Poc3D2008.exe”=
“c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe”=
“c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe”=
“c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe”=
“c:\\WINDOWS\\system32\\dpvsetup.exe”=
“c:\\Program Files\\GameTap Web Player\\bin\\release\\GameTapPlayer.exe”=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“13448:TCP”= 13448:TCP:BitComet 13448 TCP
“13448:UDP”= 13448:UDP:BitComet 13448 UDP
“2100:TCP”= 2100:TCP:poker
“6112:TCP”= 6112:TCP:Blizzard Downloader
“3724:TCP”= 3724:TCP:Blizzard Downloader: 3724
“1119:TCP”= 1119:TCP:wow
“6881:TCP”= 6881:TCP:wow2
“6999:TCP”= 6999:TCP:wow3

R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R2 gupdate;Tjenesten Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-02 135664]
R3 CamFilter;CamFilter;c:\windows\system32\Drivers\CamFilter.sys [2007-05-14 16640]
R3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNt.sys [2008-10-17 131072]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2008-10-17 79104]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2009-09-17 3397716]
R3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl.sys [2008-01-15 30464]
R3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\WPRO_40_1340.sys [x]
R3 XDva281;XDva281;c:\windows\system32\XDva281.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2007-10-14 685816]
S1 aswSP;aswSP; [x]
S1 CPEb;CPEb;c:\windows\system32\drivers\CPEb.sys [2006-02-23 8192]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-08-09 142592]
S2 aswFsBlk;aswFsBlk; [x]
S3 IFXTPM;IFXTPM;c:\windows\system32\DRIVERS\IFXTPM.SYS [2005-10-21 36352]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-07-07 14904]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8D8BB7AA-34B8-4058-85C7-5F750A62BE2D}]
2008-04-14 00:12   78848   ——a-w-  c:\windows\system32\msiexec.exe
.
Indhold af mappen ‘Planlagte Opgaver’

2009-09-24 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2010-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cb323110bcba02.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-02 01:38]

2010-02-25 c:\windows\Tasks\Install_NSS.job
- c:\program files\DivX\Symantec\scstubinstaller.exe [2009-11-14 00:49]

2010-03-13 c:\windows\Tasks\User_Feed_Synchronization-{0E6DA7FE-331B-4EE4-BE37-B4B9DE8F29D9}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]

2009-09-24 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-03-31 20:18]
.

  GunnerG
Antal indlæg: 62

del 2


.
———- Yderligere scanning———-
.
uStart Page = hxxp://www.google.dk/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&ksporter; til Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Google Sidewiki ... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Trusted Zone: mousebreaker.com\www
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} - hxxp://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.18.0.cab
DPF: {9C196458-4145-46AF-8A77-1506878DFECA} - ftp://ftp.sektornet.dk/sektornet/skolekom/fcplugin.cab
DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} - hxxps://netbank.danskebank.dk/html/activex/danskesikker/DB/DanskeSikker.cab
.
- - - - TOMME GENVEJE FJERNET - - - -

SafeBoot-AVG Anti-Spyware Driver
SafeBoot-Wdf01000.sys
SafeBoot-AVG Anti-Spyware Guard
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
AddRemove-Kings Bounty Armored Princess_is1 - c:\program files\1C Company\Kings Bounty Armored Princess\unins000.exe
AddRemove-WT050976 - c:\games\FATE Undiscovered Realms\Uninstall.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-21 00:54
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]
“ImagePath”=“c:\windows\system32\GameMon.des -service”
.
——————————- LÅSTE REGISTRERINGS NØGLER——————————-

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
“88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977”=hex:01,00,00,00,d0,8c,9d,df,01,15,
  d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,58,fb,6b,0b,d3,91,90,4b,a7,33,0e,\
“2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81”=hex:01,00,00,00,d0,8c,9d,df,01,15,
  d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,58,fb,6b,0b,d3,91,90,4b,a7,33,0e,\

[HKEY_USERS\S-1-5-21-515967899-1960408961-682003330-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
“??”=hex:bc,73,08,9b,a5,5f,be,a2,26,08,a8,4e,e8,32,c6,92,bd,78,57,9f,c6,46,cd,
  e5,0d,b1,60,c8,7e,00,64,b9,ad,2c,27,2f,5b,2e,23,5a,76,00,c0,63,79,e1,4e,9b,\
“??”=hex:cc,57,ea,47,e1,30,5d,39,6a,bb,93,59,0b,16,ff,da

[HKEY_USERS\S-1-5-21-515967899-1960408961-682003330-1004\Software\SecuROM\License information*]
“datasecu”=hex:ae,89,c5,5e,b5,19,1b,a3,9e,b8,54,5e,66,8e,85,1f,09,f3,88,8c,43,
  7b,58,aa,0d,ab,2b,6c,dc,98,8a,08,43,8d,51,f0,d5,e3,05,32,df,a1,8b,6f,4b,c9,\
“rkeysecu”=hex:2c,be,21,5f,64,4a,26,98,22,0f,1a,39,0c,2e,67,90

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{305b5a56-4ae6-4d48-8063-89cb62aa1099}]
@Denied: (Full) (Everyone)
“Model”=dword:0000011c
“Therad”=dword:0000001e
“MData”=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
  38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
“scansk”=hex(0):fd,2e,8b,3b,7d,59,3f,96,d5,28,37,48,8a,ec,0c,ee,fa,4c,33,cd,3f,
  a0,4f,2d,51,26,2e,6d,de,ad,28,b6,00,64,6c,92,e7,b4,73,c2,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
“scansk”=hex(0):7a,d1,d4,64,be,0e,cc,7b,ec,3c,bb,25,ca,41,c6,8c,82,f5,94,2c,fe,
  d5,6c,ef,81,4f,1e,10,60,31,c3,9d,6a,34,94,73,00,18,8c,7a,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8582fa12-0145-44e5-8f03-97bb943e4f98}]
@Denied: (Full) (Everyone)
“Model”=dword:0000015f
“Therad”=dword:00000015
“MData”=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
  38,95,44,ab,9e,50,1b,eb,77,d1,ab,7d,1b,7f,27,45,28,a1,52,83,e0,8b,c5,07,bb,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=”@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101”

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
“Enabled”=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@=“c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe”

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@=“IFlashBroker4”

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@=”{00020424-0000-0000-C000-000000000046}”

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
“Version”=“1.0”
.
——————————- DLLs startet under kørende Processer——————————-

- - - - - - - > ‘winlogon.exe’(1876)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\Softex\OmniPass\opxpgina.dll

- - - - - - - > ‘explorer.exe’(2896)
c:\windows\system32\WININET.dll
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSDA.DLL
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\System32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\program files\WinSCP\DragExt.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
————————————Andre kørende processer————————————
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\acs.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\BlueTooth-WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Softex\OmniPass\Omniserv.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\System32\TUProgSt.exe
c:\program files\Softex\OmniPass\OPXPApp.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\dwwin.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\windows\system32\rundll32.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
.
**************************************************************************
.
Gennemført tid: 2010-08-21 00:59:08 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2010-08-20 22:58

Pre-Kørsel: 49.179.205.632 bytes free
Post-Kørsel: 51.713.200.128 bytes free

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 9EF7896F5F30BF92221B1951FBF099DD

  GunnerG
Antal indlæg: 62

Nu virker Chorme igen og IE er holdt op med fejlmeddelser - det er dejligt…
Men der er vel stadig lidt mere der skal fikses - eller har combifix klaret det?
vh GunnerG

  GunnerG
Antal indlæg: 62

Jeg har kørt et par online skannere - afinstalleret de antivirus og antispyware programmer jeg har. Installeret Avira og kørt det samt SuperAntiSpyware. Har opdateret en række programmer gennem PSI og den ser ud til at virke fint.
Tror i der er mere?

  GunnerG
Antal indlæg: 62

Nå men den nye hijack log ser således ud


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:43:10, on 22-08-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Torbjørn\My Documents\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KTPWare] C:\Program Files\Elantech\ktp.exe
O4 - HKLM\..\Run: [IntelWireless] “C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe” /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [IntelliPoint] “c:\Program Files\Microsoft IntelliPoint\ipoint.exe”
O4 - HKLM\..\Run: [EOUApp] “C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe”
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: [Adobe ARM] “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM\..\Run: [avgnt] “C:\Program Files\Avira\AntiVir Desktop\avgnt.exe” /min
O4 - HKLM\..\Run: [Windows Defender] “C:\Program Files\Windows Defender\MSASCui.exe” -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKCU\..\Run: [NVIDIA nTune] “C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe” clear
O4 - HKCU\..\Run: [swg] “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU\..\Run: [Google Update] “C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -update activex (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -update activex (User ‘Default user’)
O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: FirstClass® - {02011FE3-C22B-451d-9A25-BF4DBB38B8E7} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\games\poker\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra ‘Tools’ menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\games\poker\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\games\poker\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra ‘Tools’ menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\games\poker\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra ‘Tools’ menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Device Detection) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0835BC90-6ABC-4F52-A103-4FC3A61F2C33} (A18X Control) - http://www.albatross18.com/season2/cabs/A18X.ocx
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} (SkillGam Control) - http://www.worldwinner.com/games/v47/skillgam/skillgam.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} (StreamPlug Class) - http://www.streamplug.com/StreamPlug/SP.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab
O16 - DPF: {4AB16005-E995-4A60-89DE-8B8A3E6EB5B0} (TrivialPursuit Control) - http://www.worldwinner.com/games/v56/trivialpursuit/trivialpursuit.cab
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} (GameTap Player) - http://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179151264062
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1181232373484
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.18.0.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} (WorldWinner ActiveX Launcher Control) - http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab
O16 - DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} (BejeweledTwist Control) - http://www.worldwinner.com/games/v51/bejeweledtwist/bejeweledtwist.cab
O16 - DPF: {9C196458-4145-46AF-8A77-1506878DFECA} (FirstClass® Control) - ftp://ftp.sektornet.dk/sektornet/skolekom/fcplugin.cab
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) -
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin9.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.skolenvedsoerne.dk/Li/_includes/XUpload.ocx
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://netbank.danskebank.dk/html/activex/danskesikker/DB/DanskeSikker.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://bellerock.microgaming.com/freeplay/FlashAX2.cab
O18 - Protocol: fcp - {B3133379-8789-4D3C-9593-C205D7297501} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe


End of file - 15145 bytes


Hvad siger I til det?
vh GunnerG

Administrator
Avatar
Antal indlæg: 36034

Kør en scanning med Hijackthis, så du kan se alle filer.
Du får herunder nogle filer, som du skal fixe. Det, du skal gøre, er at sætte et flueben ud for disse filer. Når du har gjort det, så lukker du alle andre vinduer ned. Det er meget vigtigt at det eneste vindue, som er åbent er HijackThis vinduet. Klik så på Fix checked.

Det er disse, som skal fixes:
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Device Detection) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0835BC90-6ABC-4F52-A103-4FC3A61F2C33} (A18X Control) - http://www.albatross18.com/season2/cabs/A18X.ocx
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} (SkillGam Control) - http://www.worldwinner.com/games/v47/skillgam/skillgam.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} (StreamPlug Class) - http://www.streamplug.com/StreamPlug/SP.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab
O16 - DPF: {4AB16005-E995-4A60-89DE-8B8A3E6EB5B0} (TrivialPursuit Control) - http://www.worldwinner.com/games/v56/trivialpursuit/trivialpursuit.cab
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} (GameTap Player) - http://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179151264062
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1181232373484
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.18.0.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} (WorldWinner ActiveX Launcher Control) - http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab
O16 - DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} (BejeweledTwist Control) - http://www.worldwinner.com/games/v51/bejeweledtwist/bejeweledtwist.cab
O16 - DPF: {9C196458-4145-46AF-8A77-1506878DFECA} (FirstClass® Control) - ftp://ftp.sektornet.dk/sektornet/skolekom/fcplugin.cab
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) -
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin9.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.skolenvedsoerne.dk/Li/_includes/XUpload.ocx
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://netbank.danskebank.dk/html/activex/danskesikker/DB/DanskeSikker.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://bellerock.microgaming.com/freeplay/FlashAX2.cab


Genstart, så er der ikke mere at komme efter     grin

  GunnerG
Antal indlæg: 62

Tusinde tak for hjælpen.
Da jeg beder hijack om at fixe selected, går den i gang - samtidig opstår der fejl i alle de programmer jeg har kørende. dvs. Avira, Superantisypware, Realtek osv. så ved ikke om det gik som det skulle. Nu ser loggen således ud

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:25:12, on 22-08-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Torbjørn\My Documents\Downloads\HiJackThis (2).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KTPWare] C:\Program Files\Elantech\ktp.exe
O4 - HKLM\..\Run: [IntelWireless] “C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe” /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [IntelliPoint] “c:\Program Files\Microsoft IntelliPoint\ipoint.exe”
O4 - HKLM\..\Run: [EOUApp] “C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe”
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: [Adobe ARM] “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM\..\Run: [avgnt] “C:\Program Files\Avira\AntiVir Desktop\avgnt.exe” /min
O4 - HKLM\..\Run: [Windows Defender] “C:\Program Files\Windows Defender\MSASCui.exe” -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKCU\..\Run: [NVIDIA nTune] “C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe” clear
O4 - HKCU\..\Run: [swg] “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU\..\Run: [Google Update] “C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -update activex (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -update activex (User ‘Default user’)
O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: FirstClass® - {02011FE3-C22B-451d-9A25-BF4DBB38B8E7} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\games\poker\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra ‘Tools’ menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\games\poker\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\games\poker\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra ‘Tools’ menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\games\poker\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra ‘Tools’ menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Device Detection) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0835BC90-6ABC-4F52-A103-4FC3A61F2C33} (A18X Control) - http://www.albatross18.com/season2/cabs/A18X.ocx
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} (SkillGam Control) - http://www.worldwinner.com/games/v47/skillgam/skillgam.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} (StreamPlug Class) - http://www.streamplug.com/StreamPlug/SP.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab
O16 - DPF: {4AB16005-E995-4A60-89DE-8B8A3E6EB5B0} (TrivialPursuit Control) - http://www.worldwinner.com/games/v56/trivialpursuit/trivialpursuit.cab
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} (GameTap Player) - http://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179151264062
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1181232373484
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.18.0.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} (WorldWinner ActiveX Launcher Control) - http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab
O16 - DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} (BejeweledTwist Control) - http://www.worldwinner.com/games/v51/bejeweledtwist/bejeweledtwist.cab
O16 - DPF: {9C196458-4145-46AF-8A77-1506878DFECA} (FirstClass® Control) - ftp://ftp.sektornet.dk/sektornet/skolekom/fcplugin.cab
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) -
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin9.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.skolenvedsoerne.dk/Li/_includes/XUpload.ocx
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://netbank.danskebank.dk/html/activex/danskesikker/DB/DanskeSikker.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://bellerock.microgaming.com/freeplay/FlashAX2.cab
O18 - Protocol: fcp - {B3133379-8789-4D3C-9593-C205D7297501} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe


End of file - 15035 bytes

  GunnerG
Antal indlæg: 62

Jeg prøvede lige igen - men lukkede avira, SuperAntiSpywarefri og hvad jeg ellers kunne. Det hjalp på det.
Nu tror jeg den er fin, men i får lige en sidste log


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:44:30, on 22-08-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Torbjørn\My Documents\Downloads\HiJackThis (3).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KTPWare] C:\Program Files\Elantech\ktp.exe
O4 - HKLM\..\Run: [IntelWireless] “C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe” /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [IntelliPoint] “c:\Program Files\Microsoft IntelliPoint\ipoint.exe”
O4 - HKLM\..\Run: [EOUApp] “C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe”
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe ARM] “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM\..\Run: [avgnt] “C:\Program Files\Avira\AntiVir Desktop\avgnt.exe” /min
O4 - HKLM\..\Run: [Windows Defender] “C:\Program Files\Windows Defender\MSASCui.exe” -hide
O4 - HKCU\..\Run: [NVIDIA nTune] “C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe” clear
O4 - HKCU\..\Run: [swg] “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU\..\Run: [Google Update] “C:\Documents and Settings\Torbjørn\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -update activex (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -update activex (User ‘Default user’)
O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\games\poker\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra ‘Tools’ menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\games\poker\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\games\poker\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra ‘Tools’ menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\games\poker\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra ‘Tools’ menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\BlueTooth-WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe


End of file - 10036 bytes


Så må jeg heller se på den kaffekasse - efter at have brugt jer en del år er det vist på tide.
Venlig hilsen GunnerG