Avatar billede ceciliemathias Nybegynder
19. august 2008 - 22:28 Der er 14 kommentarer og
1 løsning

min baggrund på skrivebordet er ændret

Hej eksperter

Min baggrund på skrivebordet på min xp dk er ændret til et billede med en security-warning boks hvor der står bla. spyware detected , men min baggrundsindstilling når jeg højreklikker på skrivebordet er væk så jeg kan ikke ændre det ??
Samtidig kommer der hele tiden en lille pop-up med You have a security problem op på den nederste højre værktøjslinie , kan nogen hjælpe med hvordan jeg får den tilbage til normal stand igen ?
20. august 2008 - 06:46 #1
... for en go' ordens skyld; stik os/mig en HiJackThis ->
http://www.spywareinfo.dk/index.htm#/manualer/hijackthis.htm

Bemærk at HiJackThis.exe programmet skal gemmes i en dertil oprettet mappe og IKKE køres direkte fra nettet...

PS: Brug denne version af HJT -> http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe

(Jooo - jeg har 'virus' på hjernen...)
20. august 2008 - 06:46 #2
Hent og instalér CCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller *NEJ* til den.
Lad programmet foretage en oprydning...

--------

Hent Malwarebytes Anti-Malware herfra:
http://www.besttechie.net/tools/mbam-setup.exe
Eller herfra ->
http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

Installer programmet - når det er gjort skal du lade programmet opdatere sig. Herefter åbner et vindue, hvor du skal flytte prikken til "Kør et fuldstændigt systemscan" - klik på Skan Knappen - lad programmet arbejde. Når det er færdig (det tager lidt tid afhængig af hvor meget du har på computeren).
Derefter - Tryk på "Vis resultater" knappen efter scanningen - og herefter tryk på "Fjern det valgte" - nu åbnes log'en og du skal gemme den et sted, hvor du kan finde den igen.
Kopier indholdet herind sammen med en frisk log fra HiJackThis...
Avatar billede ceciliemathias Nybegynder
20. august 2008 - 08:07 #3
Hej igen
Her er så min Hijack..håber nogen kan hjælpe !

Logfile of HijackThis v1.99.1
Scan saved at 08:05:38, on 20-08-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\RUNDLL32.EXE
F:\Programmer\D-Link\AirPlus G\AirGCFG.exe
F:\Programmer\ANI\ANIWZCS2 Service\WZCSLDR2.exe
F:\Programmer\Java\jre1.6.0_07\bin\jusched.exe
F:\Programmer\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
F:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
F:\Programmer\iTunes\iTunesHelper.exe
F:\WINDOWS\system32\lphc7uoj0eg97.exe
F:\Programmer\Fighters\spywarefighter\SpywarefighterUser.exe
F:\WINDOWS\system32\Rundll32.exe
F:\WINDOWS\system32\rundll32.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Programmer\Windows Live\Messenger\MsnMsgr.Exe
F:\Programmer\Fælles filer\Nero\Lib\NMBgMonitor.exe
F:\Programmer\Octoshape Streaming Services\Michael\OctoshapeClient.exe
F:\Programmer\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
F:\DOCUME~1\Michael\LOKALE~1\Temp\13.tmp.exe
F:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
F:\Programmer\Windows Desktop Search\WindowsSearch.exe
F:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\Programmer\Bonjour\mDNSResponder.exe
F:\Programmer\Nero\Nero8\Nero BackItUp\NBService.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\Programmer\Fighters\configservice.exe
F:\Programmer\Cyberlink\Shared files\RichVideo.exe
F:\Programmer\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\SearchIndexer.exe
F:\WINDOWS\system32\wscntfy.exe
F:\Programmer\Fighters\licenseservice.exe
F:\Programmer\Fighters\updateservice.exe
F:\Programmer\Fighters\ScannerService.exe
F:\Programmer\Fælles filer\Nero\Lib\NMIndexingService.exe
F:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
F:\Programmer\Fælles filer\Nero\Lib\NMIndexStoreSvr.exe
F:\Programmer\iPod\bin\iPodService.exe
F:\WINDOWS\system32\SearchProtocolHost.exe
F:\DOCUME~1\Michael\LOKALE~1\Temp\1A.tmp
f:\programmer\fighters\spywarefighter\SPYWAREfighterTray.exe
F:\Programmer\Outlook Express\msimn.exe
F:\Programmer\Windows Live\Messenger\usnsvc.exe
F:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WLLoginProxy.exe
F:\Programmer\Internet Explorer\IEXPLORE.EXE
F:\Documents and Settings\Michael\Skrivebord\hijack\alternativ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O1 - Hosts: AmsServer
O2 - BHO: (no name) - {474C31C5-578B-4192-8562-2E474578DC27} - F:\WINDOWS\system32\jkkJcCtq.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - F:\WINDOWS\system32\msxml71.dll
O2 - BHO: {89991d5e-a87d-2049-8754-c6ba5acf6c86} - {68c6fca5-ab6c-4578-9402-d78ae5d19998} - F:\WINDOWS\system32\hyewvv.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9767C1BF-CA05-4E3B-9436-88F0804C06E5} - F:\WINDOWS\system32\xxyyywVN.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\programmer\google\googletoolbar1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - F:\Programmer\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - F:\Programmer\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [D-Link AirPlus G] F:\Programmer\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] F:\Programmer\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Programmer\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] F:\Programmer\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "F:\Programmer\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] F:\PROGRA~1\FLLESF~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "F:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] F:\Programmer\Fælles filer\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "F:\Programmer\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] F:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [³] e
O4 - HKLM\..\Run: [ž] exe
O4 - HKLM\..\Run: [lphc7uoj0eg97] F:\WINDOWS\system32\lphc7uoj0eg97.exe
O4 - HKLM\..\Run: [spywarefighterguard] F:\Programmer\Fighters\spywarefighter\SpywarefighterUser.exe
O4 - HKLM\..\Run: [000000af] rundll32.exe "F:\WINDOWS\system32\oiopcyhj.dll",b
O4 - HKLM\..\Run: [BM4fbb1ce1] Rundll32.exe "F:\WINDOWS\system32\ebgjsmhe.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "F:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "F:\Programmer\Fælles filer\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Octoshape Streaming Services] "F:\Programmer\Octoshape Streaming Services\Michael\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [swg] F:\Programmer\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [mpt] c:\WINDOWS\system32\mpt.exe
O4 - HKCU\..\Run: [kek] c:\WINDOWS\system32\kek.exe
O4 - HKCU\..\Run: [³] e
O4 - HKCU\..\Run: [ž] exe
O4 - HKCU\..\Run: [Somefox] F:\DOCUME~1\Michael\LOKALE~1\Temp\13.tmp.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "F:\Programmer\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - Global Startup: Logitech Desktop Messenger.lnk = F:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Windows-pc-søgning.lnk = F:\Programmer\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Append to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: f:\programmer\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {5BEB08D4-5421-446C-B329-10377FC45736} (Croom3_50 Object) - http://launcher.room-3.com/room3_40/room3_50.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1203686013030
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - F:\Programmer\Fælles filer\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - F:\PROGRA~1\FLLESF~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: jkkJcCtq - F:\WINDOWS\SYSTEM32\jkkJcCtq.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - F:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe Version Cue CS3 - Unknown owner - F:\Programmer\Fælles filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" -win32service (file missing)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - F:\Programmer\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - F:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - F:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - F:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - F:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - F:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - F:\Programmer\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - F:\Programmer\Fælles filer\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PTK License-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\licenseservice.exe
O23 - Service: PTK Live Update-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\updateservice.exe
O23 - Service: PTK Scanner-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\ScannerService.exe
O23 - Service: PTK SharedAccess-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\configservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - F:\Programmer\Cyberlink\Shared files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - F:\Programmer\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
20. august 2008 - 20:39 #4
YFFER PYFFER - der er tihvertifald et sikkerhedsproblem!!! Synes ikke at kunne spore noget aktivt sikkerheds/antivirus program ???

--------

Du SKAL køre [20/08-2008 06:46:32] proceduren !!!
Avatar billede ceciliemathias Nybegynder
21. august 2008 - 09:05 #5
Hej igen
Jeg har lige kørt AVG og Spywarefighter, og de fandt en del , så her er lige en hijack efter jeg har kørt disse, fordi jeg kan stadig ikke ændre mit skrivebord , og der kommer stadig-up med at jeg skal scanne for div. men kan se at noget af skidtet de 2 programmer fjernet desuden kan jeg ikke køre windows update..Håber i kan hjælpe

Logfile of HijackThis v1.99.1
Scan saved at 09:01:02, on 21-08-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
F:\Programmer\Bonjour\mDNSResponder.exe
F:\WINDOWS\Explorer.EXE
F:\Programmer\Nero\Nero8\Nero BackItUp\NBService.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\Programmer\Fighters\configservice.exe
F:\Programmer\Cyberlink\Shared files\RichVideo.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\SearchIndexer.exe
F:\Programmer\Fighters\licenseservice.exe
F:\PROGRA~1\AVG\AVG8\avgam.exe
F:\Programmer\Fighters\updateservice.exe
F:\Programmer\Fighters\ScannerService.exe
F:\PROGRA~1\AVG\AVG8\avgrsx.exe
F:\PROGRA~1\AVG\AVG8\avgnsx.exe
F:\WINDOWS\system32\wscntfy.exe
F:\WINDOWS\system32\RUNDLL32.EXE
F:\Programmer\D-Link\AirPlus G\AirGCFG.exe
F:\Programmer\ANI\ANIWZCS2 Service\WZCSLDR2.exe
F:\Programmer\Java\jre1.6.0_07\bin\jusched.exe
F:\Programmer\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
F:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
F:\Programmer\iTunes\iTunesHelper.exe
F:\Programmer\Fighters\spywarefighter\SpywarefighterUser.exe
F:\PROGRA~1\AVG\AVG8\avgtray.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Programmer\Windows Live\Messenger\MsnMsgr.Exe
F:\Programmer\Fælles filer\Nero\Lib\NMBgMonitor.exe
F:\Programmer\Octoshape Streaming Services\Michael\OctoshapeClient.exe
F:\Programmer\iPod\bin\iPodService.exe
f:\programmer\fighters\spywarefighter\SPYWAREfighterTray.exe
F:\Programmer\Fælles filer\Nero\Lib\NMIndexingService.exe
F:\Programmer\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
F:\Programmer\Fælles filer\Nero\Lib\NMIndexStoreSvr.exe
F:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
F:\Programmer\Windows Desktop Search\WindowsSearch.exe
F:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
F:\WINDOWS\system32\rundll32.exe
F:\WINDOWS\system32\rundll32.exe
F:\WINDOWS\system32\rundll32.exe
F:\Programmer\Outlook Express\msimn.exe
F:\Programmer\Internet Explorer\IEXPLORE.EXE
F:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WLLoginProxy.exe
F:\Programmer\Internet Explorer\iexplore.exe
F:\WINDOWS\system32\SearchProtocolHost.exe
F:\Documents and Settings\Michael\Skrivebord\hijack\alternativ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O1 - Hosts: AmsServer
O2 - BHO: (no name) - {474C31C5-578B-4192-8562-2E474578DC27} - F:\WINDOWS\system32\jkkJcCtq.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9767C1BF-CA05-4E3B-9436-88F0804C06E5} - F:\WINDOWS\system32\xxyyywVN.dll (file missing)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - F:\Programmer\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\programmer\google\googletoolbar1.dll
O2 - BHO: {16963ae7-fd9b-ca2b-7b64-0b7e563b8a1d} - {d1a8b365-e7b0-46b7-b2ac-b9df7ea36961} - F:\WINDOWS\system32\eudonq.dll
O2 - BHO: (no name) - {F57F46E2-4C38-4004-BCB1-651E1EF7E6C9} - F:\WINDOWS\system32\byXPGXRj.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - F:\Programmer\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - F:\Programmer\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\programmer\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - F:\Programmer\AVG\AVG8\avgtoolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [D-Link AirPlus G] F:\Programmer\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] F:\Programmer\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Programmer\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] F:\Programmer\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "F:\Programmer\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] F:\PROGRA~1\FLLESF~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "F:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] F:\Programmer\Fælles filer\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "F:\Programmer\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] F:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [³] e
O4 - HKLM\..\Run: [ž] exe
O4 - HKLM\..\Run: [spywarefighterguard] F:\Programmer\Fighters\spywarefighter\SpywarefighterUser.exe
O4 - HKLM\..\Run: [000000af] rundll32.exe "F:\WINDOWS\system32\hiotasnm.dll",b
O4 - HKLM\..\Run: [AVG8_TRAY] F:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [BM4fbb1ce1] Rundll32.exe "F:\WINDOWS\system32\bcqnjrqq.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "F:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "F:\Programmer\Fælles filer\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Octoshape Streaming Services] "F:\Programmer\Octoshape Streaming Services\Michael\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [swg] F:\Programmer\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [mpt] c:\WINDOWS\system32\mpt.exe
O4 - HKCU\..\Run: [kek] c:\WINDOWS\system32\kek.exe
O4 - HKCU\..\Run: [³] e
O4 - HKCU\..\Run: [ž] exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = F:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Windows-pc-søgning.lnk = F:\Programmer\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Append to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: f:\programmer\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1219232637203
O16 - DPF: {5BEB08D4-5421-446C-B329-10377FC45736} (Croom3_50 Object) - http://launcher.room-3.com/room3_40/room3_50.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1203686013030
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - F:\Programmer\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - F:\Programmer\Fælles filer\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - F:\PROGRA~1\FLLESF~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: avgrsstx.dll eudonq.dll
O20 - Winlogon Notify: jkkJcCtq - F:\WINDOWS\SYSTEM32\jkkJcCtq.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - F:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe Version Cue CS3 - Unknown owner - F:\Programmer\Fælles filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" -win32service (file missing)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - F:\Programmer\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - F:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - F:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - F:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - F:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - F:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - F:\Programmer\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - F:\Programmer\Fælles filer\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PTK License-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\licenseservice.exe
O23 - Service: PTK Live Update-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\updateservice.exe
O23 - Service: PTK Scanner-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\ScannerService.exe
O23 - Service: PTK SharedAccess-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\configservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - F:\Programmer\Cyberlink\Shared files\RichVideo.exe
Avatar billede ceciliemathias Nybegynder
21. august 2008 - 15:05 #6
Hvad mener du med denne ?

Du SKAL køre [20/08-2008 06:46:32] proceduren !!!
21. august 2008 - 17:55 #7
Citat fra [20/08-2008 06:46:32] ->


Hent og instalér CCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller *NEJ* til den.
Lad programmet foretage en oprydning...

--------

Hent Malwarebytes Anti-Malware herfra:
http://www.besttechie.net/tools/mbam-setup.exe
Eller herfra ->
http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

Installer programmet - når det er gjort skal du lade programmet opdatere sig. Herefter åbner et vindue, hvor du skal flytte prikken til "Kør et fuldstændigt systemscan" - klik på Skan Knappen - lad programmet arbejde. Når det er færdig (det tager lidt tid afhængig af hvor meget du har på computeren).
Derefter - Tryk på "Vis resultater" knappen efter scanningen - og herefter tryk på "Fjern det valgte" - nu åbnes log'en og du skal gemme den et sted, hvor du kan finde den igen.
Kopier indholdet herind sammen med en frisk log fra HiJackThis...
Avatar billede ceciliemathias Nybegynder
21. august 2008 - 21:57 #8
Så skulle den være klaret ;0)....Håber jeg !
Først Malware....
Malwarebytes' Anti-Malware 1.25
Database version: 1062
Windows 5.1.2600 Service Pack 2

21:55:04 21-08-2008
mbam-log-08-21-2008 (21-55-04).txt

Skan type: Fuldstændig skanning (F:\|)
Objekter skannet: 220662
Tid tilbagelagt: 1 hour(s), 17 minute(s), 16 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 2
Inficerede Registeringsdatabase Nøgler: 44
Inficerede Registeringsdatabase Værdier: 6
Inficerede Registeringsdatabase Filer: 4
Inficerede Mapper: 4
Inficerede Filer: 37

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
F:\WINDOWS\system32\byXPGXRj.dll (Trojan.Vundo.H) -> Delete on reboot.
F:\WINDOWS\system32\hiotasnm.dll (Trojan.Vundo.H) -> Delete on reboot.

Inficerede Registeringsdatabase Nøgler:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474c31c5-578b-4192-8562-2e474578dc27} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkkjcctq (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{474c31c5-578b-4192-8562-2e474578dc27} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{660bc9a1-c4fa-4ae8-9a57-1fef79068e63} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{660bc9a1-c4fa-4ae8-9a57-1fef79068e63} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d1a8b365-e7b0-46b7-b2ac-b9df7ea36961} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d1a8b365-e7b0-46b7-b2ac-b9df7ea36961} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\browsingenhancer.browserwatcher (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\browsingenhancer.browserwatcher.1 (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\browsingenhancer.pornpro_bho (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\browsingenhancer.pornpro_bho.1 (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\browsingenhancer.precachebrowserhost (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\browsingenhancer.precachebrowserhost.1 (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{125e9d24-2428-38d2-8e23-804e3275209c} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3f2579e9-ec37-3112-9bde-d2db14e95c32} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e12688ce-9384-28e3-a041-4e1a9ce14506} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5abbd91b-0215-2fe1-7a7e-753f05b40cb8} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{96fdc0f6-929e-e96c-597f-386cd3c7d7aa} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b056fd59-0c72-3878-da81-4c5239908200} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{98d555cc-a569-43fb-2f43-3a98ccda4b50} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{40b2127e-cc18-37d0-43ca-afa158c64001} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\banneradsgalore (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\playmp3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\BrowsingEnhancer.DLL (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\BrowsingEnhancer (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VAV (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Mirar (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1 (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Værdier:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\000000af (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm4fbb1ce1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Filer:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: f:\windows\system32\byxpgxrj -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: f:\windows\system32\byxpgxrj  -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Inficerede Mapper:
F:\Programmer\PCHealthCenter (Trojan.Fakealert) -> Quarantined and deleted successfully.
F:\Programmer\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
F:\Programmer\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
F:\Programmer\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.

Inficerede Filer:
F:\WINDOWS\system32\jkkJcCtq.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\byXPGXRj.dll (Trojan.Vundo.H) -> Delete on reboot.
F:\WINDOWS\system32\jRXGPXyb.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\jRXGPXyb.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\eudonq.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\hiotasnm.dll (Trojan.Vundo.H) -> Delete on reboot.
F:\WINDOWS\system32\mnsatoih.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
F:\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
F:\Documents and Settings\Michael\Lokale indstillinger\Temp\tem632.tmp.exe (Adware.Agent) -> Quarantined and deleted successfully.
F:\Documents and Settings\Michael\Lokale indstillinger\Temp\tem1C.tmp.exe (Adware.Agent) -> Quarantined and deleted successfully.
F:\Programmer\PCHealthCenter\5.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
F:\Programmer\PCHealthCenter\7.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
F:\Programmer\FBrowsingAdvisor\XPCOMEvents.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{815B814E-50BC-4A95-A280-39E647463DAF}\RP253\A0045335.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\qoMeDTkI.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\{56c779a5-1f17-ed15-c75e-a64882fc8577}.dll-uninst.exe (Adware.Agent) -> Quarantined and deleted successfully.
F:\Programmer\PCHealthCenter\0.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
F:\Programmer\PCHealthCenter\2.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
F:\Programmer\PCHealthCenter\3.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
F:\Programmer\PCHealthCenter\sc.html (Trojan.Fakealert) -> Quarantined and deleted successfully.
F:\Programmer\FBrowsingAdvisor\IXPCOMEvents.xpt (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
F:\Programmer\FBrowsingAdvisor\Logo.png (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
F:\Programmer\FBrowsingAdvisor\main.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
F:\Programmer\FBrowsingAdvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
F:\Programmer\FBrowsingAdvisor\unins000.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
F:\Programmer\PlayMP3z\uninstall.exe (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
F:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
F:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
F:\WINDOWS\BM4fbb1ce1.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
F:\WINDOWS\BM4fbb1ce1.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
F:\Documents and Settings\Michael\Lokale indstillinger\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
F:\Documents and Settings\Michael\Lokale indstillinger\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
F:\Documents and Settings\Michael\Lokale indstillinger\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
F:\Documents and Settings\Michael\Lokale indstillinger\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
F:\Documents and Settings\Michael\Lokale indstillinger\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.

OG HER SÅ HIJACK::::::
Logfile of HijackThis v1.99.1
Scan saved at 21:56:54, on 21-08-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
F:\Programmer\Bonjour\mDNSResponder.exe
F:\Programmer\Nero\Nero8\Nero BackItUp\NBService.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\Programmer\Fighters\configservice.exe
F:\Programmer\Cyberlink\Shared files\RichVideo.exe
F:\Programmer\Trend Micro\Internet Security\SfCtlCom.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\SearchIndexer.exe
F:\Programmer\Fighters\licenseservice.exe
F:\Programmer\Fighters\updateservice.exe
F:\Programmer\Fighters\ScannerService.exe
F:\PROGRA~1\AVG\AVG8\avgam.exe
F:\Programmer\Trend Micro\BM\TMBMSRV.exe
F:\PROGRA~1\AVG\AVG8\avgrsx.exe
F:\PROGRA~1\AVG\AVG8\avgnsx.exe
F:\WINDOWS\system32\RUNDLL32.EXE
F:\Programmer\D-Link\AirPlus G\AirGCFG.exe
F:\Programmer\ANI\ANIWZCS2 Service\WZCSLDR2.exe
F:\Programmer\Trend Micro\Internet Security\UfSeAgnt.exe
F:\Programmer\Java\jre1.6.0_07\bin\jusched.exe
F:\Programmer\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
F:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
F:\Programmer\iTunes\iTunesHelper.exe
F:\Programmer\Fighters\spywarefighter\SpywarefighterUser.exe
F:\WINDOWS\system32\rundll32.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Programmer\Fælles filer\Nero\Lib\NMBgMonitor.exe
F:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
F:\Programmer\iPod\bin\iPodService.exe
F:\Programmer\Octoshape Streaming Services\Michael\OctoshapeClient.exe
F:\Programmer\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
F:\Programmer\Fælles filer\Nero\Lib\NMIndexingService.exe
F:\Programmer\Fælles filer\Nero\Lib\NMIndexStoreSvr.exe
F:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
F:\Programmer\Windows Desktop Search\WindowsSearch.exe
F:\Programmer\Windows Live\Messenger\usnsvc.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
F:\Programmer\Trend Micro\Internet Security\TmProxy.exe
F:\Programmer\Internet Explorer\iexplore.exe
F:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WLLoginProxy.exe
F:\Programmer\Internet Explorer\iexplore.exe
F:\WINDOWS\explorer.exe
F:\Programmer\Malwarebytes' Anti-Malware\mbam.exe
F:\WINDOWS\System32\wiaacmgr.exe
F:\WINDOWS\system32\NOTEPAD.EXE
F:\Documents and Settings\Michael\Skrivebord\hijack\alternativ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O1 - Hosts: AmsServer
O2 - BHO: (no name) - {660BC9A1-C4FA-4AE8-9A57-1FEF79068E63} - F:\WINDOWS\system32\byXPGXRj.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9767C1BF-CA05-4E3B-9436-88F0804C06E5} - F:\WINDOWS\system32\xxyyywVN.dll (file missing)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - F:\Programmer\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\programmer\google\googletoolbar1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - F:\Programmer\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - F:\Programmer\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\programmer\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - F:\Programmer\AVG\AVG8\avgtoolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [D-Link AirPlus G] F:\Programmer\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] F:\Programmer\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Programmer\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] F:\Programmer\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "F:\Programmer\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] F:\PROGRA~1\FLLESF~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "F:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] F:\Programmer\Fælles filer\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "F:\Programmer\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] F:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [³] e
O4 - HKLM\..\Run: [ž] exe
O4 - HKLM\..\Run: [spywarefighterguard] F:\Programmer\Fighters\spywarefighter\SpywarefighterUser.exe
O4 - HKLM\..\Run: [AVG8_TRAY] F:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "F:\Programmer\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "F:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "F:\Programmer\Fælles filer\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Octoshape Streaming Services] "F:\Programmer\Octoshape Streaming Services\Michael\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [swg] F:\Programmer\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [mpt] c:\WINDOWS\system32\mpt.exe
O4 - HKCU\..\Run: [kek] c:\WINDOWS\system32\kek.exe
O4 - HKCU\..\Run: [³] e
O4 - HKCU\..\Run: [ž] exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = F:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Windows-pc-søgning.lnk = F:\Programmer\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Append to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: f:\programmer\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1219232637203
O16 - DPF: {5BEB08D4-5421-446C-B329-10377FC45736} (Croom3_50 Object) - http://launcher.room-3.com/room3_40/room3_50.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1203686013030
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/da/TSEasyInstallX.CAB
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - F:\Programmer\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - F:\Programmer\Fælles filer\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - F:\PROGRA~1\FLLESF~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: avgrsstx.dll eudonq.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - F:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe Version Cue CS3 - Unknown owner - F:\Programmer\Fælles filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" -win32service (file missing)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - F:\Programmer\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - F:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - F:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - F:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - F:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - F:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - F:\Programmer\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - F:\Programmer\Fælles filer\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PTK License-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\licenseservice.exe
O23 - Service: PTK Live Update-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\updateservice.exe
O23 - Service: PTK Scanner-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\ScannerService.exe
O23 - Service: PTK SharedAccess-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\configservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - F:\Programmer\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Trend Micros centrale kontrolkomponent (SfCtlCom) - Trend Micro Inc. - F:\Programmer\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Unknown owner - F:\Programmer\Trend Micro\BM\TMBMSRV.exe" /service (file missing)
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\Programmer\Trend Micro\Internet Security\TmProxy.exe
22. august 2008 - 04:27 #9
[Malwarebytes' Anti-Malware] har nappet en hel del; men noget 'snavs' + oprydning tilbage ->

Kør en scanning med Hijackthis,
Du får herunder nogle filer, som du skal fixe. Det, du skal gøre, er at sætte et flueben ud for disse filer. Når du har gjort det, så lukker du alle andre vinduer ned. Det er meget vigtigt at det eneste vindue, som er åbent er HijackThis vinduet. Husk også at lukke dette vindue, når du har markeret filerne. Nu må du fixe. Klik på Fix checked.

Det er disse, som skal fixes:

O2 - BHO: (no name) - {660BC9A1-C4FA-4AE8-9A57-1FEF79068E63} - F:\WINDOWS\system32\byXPGXRj.dll
O2 - BHO: (no name) - {9767C1BF-CA05-4E3B-9436-88F0804C06E5} - F:\WINDOWS\system32\xxyyywVN.dll (file missing)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - F:\Programmer\AVG\AVG8\avgtoolbar.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - F:\Programmer\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - F:\Programmer\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - F:\Programmer\AVG\AVG8\avgtoolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] F:\Programmer\Fælles filer\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "F:\Programmer\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] F:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Programmer\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [³] e
O4 - HKLM\..\Run: [ž] exe

O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "F:\Programmer\Fælles filer\Nero\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [mpt] c:\WINDOWS\system32\mpt.exe
O4 - HKCU\..\Run: [kek] c:\WINDOWS\system32\kek.exe
O4 - HKCU\..\Run: [³] e
O4 - HKCU\..\Run: [ž] exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = F:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O23 - Service: Adobe Version Cue CS3 - Unknown owner - F:\Programmer\Fælles filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" -win32service (file missing)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - F:\Programmer\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (file missing)
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - F:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - F:\Programmer\Nero\Nero8\Nero BackItUp\NBService.exe

Genstart normalt... og en frisk Log fra HiJackThis ...

------------------------------------------------------------------------
Avatar billede ceciliemathias Nybegynder
22. august 2008 - 08:17 #10
Så er odren udført ;0) og her er Hijack log !

Logfile of HijackThis v1.99.1
Scan saved at 08:16:22, on 22-08-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
F:\WINDOWS\Explorer.EXE
F:\Programmer\Bonjour\mDNSResponder.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\Programmer\Fighters\configservice.exe
F:\Programmer\Cyberlink\Shared files\RichVideo.exe
F:\Programmer\Trend Micro\Internet Security\SfCtlCom.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\SearchIndexer.exe
F:\Programmer\Trend Micro\BM\TMBMSRV.exe
F:\Programmer\Trend Micro\Internet Security\UfSeAgnt.exe
F:\Programmer\Fighters\licenseservice.exe
F:\Programmer\Fighters\updateservice.exe
F:\Programmer\Fighters\ScannerService.exe
F:\WINDOWS\system32\wscntfy.exe
F:\PROGRA~1\AVG\AVG8\avgam.exe
F:\PROGRA~1\AVG\AVG8\avgrsx.exe
F:\PROGRA~1\AVG\AVG8\avgnsx.exe
F:\WINDOWS\system32\RUNDLL32.EXE
F:\Programmer\D-Link\AirPlus G\AirGCFG.exe
F:\Programmer\ANI\ANIWZCS2 Service\WZCSLDR2.exe
F:\Programmer\Java\jre1.6.0_07\bin\jusched.exe
F:\Programmer\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
F:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
F:\Programmer\Fighters\spywarefighter\SpywarefighterUser.exe
F:\PROGRA~1\AVG\AVG8\avgtray.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Programmer\Windows Live\Messenger\MsnMsgr.Exe
F:\Programmer\Octoshape Streaming Services\Michael\OctoshapeClient.exe
F:\Programmer\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
F:\Programmer\Windows Desktop Search\WindowsSearch.exe
F:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
f:\programmer\fighters\spywarefighter\SPYWAREfighterTray.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
F:\Programmer\Windows Live\Messenger\usnsvc.exe
F:\Programmer\Trend Micro\Internet Security\TmProxy.exe
F:\Programmer\Outlook Express\msimn.exe
F:\Programmer\Internet Explorer\IEXPLORE.EXE
F:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WLLoginProxy.exe
F:\WINDOWS\system32\SearchProtocolHost.exe
F:\WINDOWS\system32\SearchProtocolHost.exe
F:\Documents and Settings\Michael\Skrivebord\hijack\alternativ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O1 - Hosts: AmsServer
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\programmer\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [D-Link AirPlus G] F:\Programmer\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] F:\Programmer\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Programmer\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] F:\Programmer\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "F:\Programmer\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] F:\PROGRA~1\FLLESF~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "F:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [spywarefighterguard] F:\Programmer\Fighters\spywarefighter\SpywarefighterUser.exe
O4 - HKLM\..\Run: [AVG8_TRAY] F:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "F:\Programmer\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "F:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Octoshape Streaming Services] "F:\Programmer\Octoshape Streaming Services\Michael\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [swg] F:\Programmer\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Windows-pc-søgning.lnk = F:\Programmer\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Append to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: f:\programmer\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1219232637203
O16 - DPF: {5BEB08D4-5421-446C-B329-10377FC45736} (Croom3_50 Object) - http://launcher.room-3.com/room3_40/room3_50.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1203686013030
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/da/TSEasyInstallX.CAB
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - F:\Programmer\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - F:\Programmer\Fælles filer\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - F:\PROGRA~1\FLLESF~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: avgrsstx.dll eudonq.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - F:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - F:\Programmer\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - F:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - F:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - F:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - F:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - F:\Programmer\iPod\bin\iPodService.exe
O23 - Service: NMIndexingService - Nero AG - F:\Programmer\Fælles filer\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PTK License-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\licenseservice.exe
O23 - Service: PTK Live Update-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\updateservice.exe
O23 - Service: PTK Scanner-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\ScannerService.exe
O23 - Service: PTK SharedAccess-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\configservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - F:\Programmer\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Trend Micros centrale kontrolkomponent (SfCtlCom) - Trend Micro Inc. - F:\Programmer\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Unknown owner - F:\Programmer\Trend Micro\BM\TMBMSRV.exe" /service (file missing)
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\Programmer\Trend Micro\Internet Security\TmProxy.exe
Avatar billede ceciliemathias Nybegynder
22. august 2008 - 08:23 #11
Hej igen : Vil lige sige mine baggrunde kan jeg igen vælge på skrivebordet yuppieee , men kan stadig ikke opdatere Windows ævvv ;0)
22. august 2008 - 11:15 #12
Hent Dial-a-fix på dette link, og gem det på skrivebordet.
http://djlizard.net/Dial-a-fix-2006-09-19.exe


1. Dobbeltklik det blå tandhjul.
2. Klik på knappen "Flush Softwaredistribution"
3. Sæt flueben i "Fix Windows update"
4. Klik på knappen GO i nederste venstre hjørne.
5. Lad den køre færdig.
6. Genstart maskinen.

Forklaring på fixet her:  http://wiki.djlizard.net/Dial-a-fix

---------

Der er stadig lige spøjse 'rester' ->
Ta' lige en tur mere med HiJackThis; brug denne version af HJT -> http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe

---------
Avatar billede ceciliemathias Nybegynder
22. august 2008 - 11:56 #13
Du er min helt ;0)...Nu virker update også :

Her lige Hijack fra trendsecure....og tusind tak foreløbig ;0)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:55:56, on 22-08-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
F:\WINDOWS\Explorer.EXE
F:\Programmer\Bonjour\mDNSResponder.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\Programmer\Fighters\configservice.exe
F:\Programmer\Cyberlink\Shared files\RichVideo.exe
F:\Programmer\Trend Micro\Internet Security\SfCtlCom.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\SearchIndexer.exe
F:\Programmer\Fighters\licenseservice.exe
F:\Programmer\Trend Micro\Internet Security\UfSeAgnt.exe
F:\Programmer\Fighters\updateservice.exe
F:\Programmer\Fighters\ScannerService.exe
F:\Programmer\Trend Micro\BM\TMBMSRV.exe
F:\PROGRA~1\AVG\AVG8\avgam.exe
F:\PROGRA~1\AVG\AVG8\avgrsx.exe
F:\WINDOWS\system32\RUNDLL32.EXE
F:\PROGRA~1\AVG\AVG8\avgnsx.exe
F:\Programmer\D-Link\AirPlus G\AirGCFG.exe
F:\Programmer\ANI\ANIWZCS2 Service\WZCSLDR2.exe
F:\Programmer\Java\jre1.6.0_07\bin\jusched.exe
F:\Programmer\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
F:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
F:\Programmer\Fighters\spywarefighter\SpywarefighterUser.exe
F:\PROGRA~1\AVG\AVG8\avgtray.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Programmer\Octoshape Streaming Services\Michael\OctoshapeClient.exe
F:\Programmer\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
F:\Programmer\Windows Desktop Search\WindowsSearch.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
f:\programmer\fighters\spywarefighter\SPYWAREfighterTray.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
F:\Programmer\Windows Live\Messenger\usnsvc.exe
F:\Programmer\Trend Micro\Internet Security\TmProxy.exe
F:\WINDOWS\system32\SearchProtocolHost.exe
F:\Programmer\Internet Explorer\iexplore.exe
F:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WLLoginProxy.exe
F:\Programmer\Outlook Express\msimn.exe
F:\WINDOWS\SoftwareDistribution\Download\9cf4041a6e07dcb76f7adee5b8ec6201\update\update.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Documents and Settings\Michael\Lokale indstillinger\Temporary Internet Files\Content.IE5\TFW4EYON\HiJackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O1 - Hosts: AmsServer
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\programmer\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [D-Link AirPlus G] F:\Programmer\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] F:\Programmer\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Programmer\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] F:\Programmer\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "F:\Programmer\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] F:\PROGRA~1\FLLESF~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "F:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [spywarefighterguard] F:\Programmer\Fighters\spywarefighter\SpywarefighterUser.exe
O4 - HKLM\..\Run: [AVG8_TRAY] F:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "F:\Programmer\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "F:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Octoshape Streaming Services] "F:\Programmer\Octoshape Streaming Services\Michael\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [swg] F:\Programmer\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows-pc-søgning.lnk = F:\Programmer\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Append to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://F:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1219232637203
O16 - DPF: {5BEB08D4-5421-446C-B329-10377FC45736} (Croom3_50 Object) - http://launcher.room-3.com/room3_40/room3_50.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1203686013030
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/da/TSEasyInstallX.CAB
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - F:\Programmer\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll eudonq.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - F:\Programmer\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - F:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - F:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - F:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - F:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - F:\Programmer\iPod\bin\iPodService.exe
O23 - Service: NMIndexingService - Nero AG - F:\Programmer\Fælles filer\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PTK License-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\licenseservice.exe
O23 - Service: PTK Live Update-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\updateservice.exe
O23 - Service: PTK Scanner-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\ScannerService.exe
O23 - Service: PTK SharedAccess-FIGHTERS-34712163 - SPAMfighter - F:\Programmer\Fighters\configservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - F:\Programmer\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Trend Micros centrale kontrolkomponent (SfCtlCom) - Trend Micro Inc. - F:\Programmer\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - F:\Programmer\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\Programmer\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 11688 bytes
23. august 2008 - 00:32 #14
Der er ikke mere 'snavs' ifølge din Log...

Du er velkommen en anden gang...

Du bør rense temp med denne fil, det tager kun få sek.
http://www.spywareinfo.dk/download/cleantempxp2k.bat

Efter sådan en tur er det altid en god ide og rydde op i systemgendannelsesfilerne.
Deaktiver systemgendannelse -> http://www.spywareinfo.dk/#/tip-og-tricks/deaktiver_systemgendannelse.htm
Genstart din computer - aktiver systemgendannelse. Dette gøres samme sted, hvor du deaktiverede, denne gang skal du blot aktivere.
Det vil også være en god idé manuelt at oprette et nyt punkt, som du kan navngive, og vende tilbage til, hvis du skulle få problemer af nogen art.

Et par artikler om sikker surfing finder du her:
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=14414

Safe Surfing...

--------------

Registreringsdatabase oprydning kan anbefales ->
RegCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm (Specielt punktet [Register]...)
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller NEJ til den.

--------------

Husk M$ ServicePack3 til XP -> http://www.microsoft.com/downloads/details.aspx?FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4&displaylang=da
Avatar billede ceciliemathias Nybegynder
23. august 2008 - 11:57 #15
Jeg bukker og nejer , tusind tak for din kompetente indsats !
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester



Seneste spørgsmål Seneste aktivitet
I dag 06:10 Excel åbner fil i kæmpe format Af Aske i Excel
I går 22:00 Datafordeler Af Lsk i PHP
I går 12:37 Summere beløb pr. dato Af TTA i Excel
31/1022:44 Tilslutte chassic fans Af viking69 i PC
31/1020:28 LED lysstofrør Af ErikHg i Fri debat